{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","type":"deb","namespace":"debian","name":"poppler","version":"0.71.0-5","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"25.03.0-11.1","latest_non_vulnerable_version":"25.03.0-11.1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82697?format=json","vulnerability_id":"VCID-2ck3-hjtt-hbax","summary":"poppler: pdftohtml: access to uninitialized pointer could lead to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27778","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51622","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51673","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51698","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51658","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51712","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51708","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51758","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51736","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51719","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.5176","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51767","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51747","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51699","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51705","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51665","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51612","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51663","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900712","reference_id":"1900712","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1900712"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1881","reference_id":"RHSA-2021:1881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1881"},{"reference_url":"https://usn.ubuntu.com/4646-1/","reference_id":"USN-4646-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4646-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2020-27778"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ck3-hjtt-hbax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78166?format=json","vulnerability_id":"VCID-48ua-ch85-w3cg","summary":"poppler: Reachable assertion in Object.h","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38349","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05609","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05403","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05443","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05484","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05487","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05533","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05815","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05794","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05785","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05779","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05743","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05714","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05751","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282","reference_id":"1282","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251630","reference_id":"2251630","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251630"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28","reference_id":"4564a002bcb6094cc460bc0d5ddff9423fe6dd28","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28"},{"reference_url":"https://usn.ubuntu.com/6508-1/","reference_id":"USN-6508-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6508-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994387?format=json","purl":"pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1"}],"aliases":["CVE-2022-38349"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-48ua-ch85-w3cg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70459?format=json","vulnerability_id":"VCID-4ucr-xaac-7uc7","summary":"poppler: Floating-Point Exception in Poppler","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32364","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26434","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2638","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26478","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26252","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26319","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26371","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26333","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26275","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26281","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26256","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29511","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29581","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29439","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.295","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29642","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29755","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29831","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32364"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190","reference_id":"1102190","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574","reference_id":"1574","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2357657","reference_id":"2357657","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2357657"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3","reference_id":"d87bc726c7cc98f8c26b60ece5f20236e9de1bc3","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3"},{"reference_url":"https://usn.ubuntu.com/7426-1/","reference_id":"USN-7426-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7426-1/"},{"reference_url":"https://usn.ubuntu.com/7426-2/","reference_id":"USN-7426-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7426-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994387?format=json","purl":"pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1"}],"aliases":["CVE-2025-32364"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ucr-xaac-7uc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82426?format=json","vulnerability_id":"VCID-5py7-z1gg-9fet","summary":"poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14494","reference_id":"","reference_type":"","scores":[{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83467","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.8348","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83494","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83493","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83518","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83527","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83542","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83536","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83532","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83566","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83567","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83568","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83592","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.836","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83605","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83629","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83649","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01969","scoring_system":"epss","scoring_elements":"0.83668","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1797453","reference_id":"1797453","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1797453"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812","reference_id":"933812","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3977","reference_id":"RHSA-2020:3977","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4643","reference_id":"RHSA-2020:4643","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4643"},{"reference_url":"https://usn.ubuntu.com/4091-1/","reference_id":"USN-4091-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4091-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2019-14494"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5py7-z1gg-9fet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79174?format=json","vulnerability_id":"VCID-72nw-9jgd-4kdw","summary":"poppler: abort in main() in pdfunite.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37051","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13629","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1369","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1349","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13571","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13621","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13593","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13556","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13508","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1342","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13416","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13489","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13496","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13468","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13361","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13265","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13422","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13506","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234528","reference_id":"2234528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234528"},{"reference_url":"https://usn.ubuntu.com/6508-1/","reference_id":"USN-6508-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6508-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994387?format=json","purl":"pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1"}],"aliases":["CVE-2022-37051"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-72nw-9jgd-4kdw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82724?format=json","vulnerability_id":"VCID-8t2a-b56v-tqcs","summary":"poppler: stack consumption in function Dict::find() in Dict.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9903","reference_id":"","reference_type":"","scores":[{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72654","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72847","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72801","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72798","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72822","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72662","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72679","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72657","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72696","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72709","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72733","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72716","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72706","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72748","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72759","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72751","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.72792","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9903"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/741","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/741"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/"},{"reference_url":"https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/","reference_id":"","reference_type":"","scores":[],"url":"https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/"},{"reference_url":"http://www.securityfocus.com/bid/107560","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107560"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691724","reference_id":"1691724","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1691724"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264","reference_id":"925264","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9903","reference_id":"CVE-2019-9903","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2019-9903"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8t2a-b56v-tqcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82664?format=json","vulnerability_id":"VCID-96jm-1vhy-eyfd","summary":"poppler: infinite recursion in function FontInfoScanner::scanFonts in FontInfo.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11026","reference_id":"","reference_type":"","scores":[{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66509","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66715","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66654","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66628","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66672","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66549","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66574","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66546","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66593","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66607","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66626","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66614","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.6658","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66616","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66631","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66615","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66641","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00514","scoring_system":"epss","scoring_elements":"0.66655","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-11026"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/752","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/752"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5JWQE2WP4W4F2FEYPYJQBPQIOG75MVH/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5JWQE2WP4W4F2FEYPYJQBPQIOG75MVH/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/"},{"reference_url":"https://research.loginsoft.com/bugs/1508/","reference_id":"","reference_type":"","scores":[],"url":"https://research.loginsoft.com/bugs/1508/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1699862","reference_id":"1699862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1699862"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721","reference_id":"926721","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11026","reference_id":"CVE-2019-11026","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-11026"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2019-11026"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-96jm-1vhy-eyfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78187?format=json","vulnerability_id":"VCID-bc96-6vy6-ryfz","summary":"poppler: Stack-Overflow in `FoFiType1C::cvtGlyph`","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36023","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20984","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21138","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20832","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20768","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20671","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20744","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21193","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20906","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20987","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21048","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21064","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2102","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20968","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20956","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20955","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20935","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20804","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.208","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013","reference_id":"1013","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2231510","reference_id":"2231510","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2231510"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html"},{"reference_url":"https://usn.ubuntu.com/6299-1/","reference_id":"USN-6299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994387?format=json","purl":"pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1"}],"aliases":["CVE-2020-36023"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bc96-6vy6-ryfz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79177?format=json","vulnerability_id":"VCID-c4wz-u632-eyeh","summary":"poppler: abort in PDFDoc::savePageAs in PDFDoc.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37050","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19984","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19715","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19786","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19799","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19693","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19687","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19653","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19546","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.1963","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20043","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19769","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19849","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19903","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19912","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19869","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19811","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19783","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274","reference_id":"1274","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234527","reference_id":"2234527","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234527"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990","reference_id":"dcd5bd8238ea448addd102ff045badd0aca1b990","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html","reference_id":"msg00022.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html"},{"reference_url":"https://usn.ubuntu.com/6508-1/","reference_id":"USN-6508-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6508-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994387?format=json","purl":"pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1"}],"aliases":["CVE-2022-37050"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c4wz-u632-eyeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82344?format=json","vulnerability_id":"VCID-crcj-9bh9-7kb7","summary":"poppler: integer overflow in JPXStream::init function leading to memory consumption","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9959","reference_id":"","reference_type":"","scores":[{"value":"0.0146","scoring_system":"epss","scoring_elements":"0.80975","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0146","scoring_system":"epss","scoring_elements":"0.80953","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.80986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81009","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81008","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81036","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81043","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.8106","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81047","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81039","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81077","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81078","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81075","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81097","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81105","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81113","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.81127","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01488","scoring_system":"epss","scoring_elements":"0.80977","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1732340","reference_id":"1732340","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1732340"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776","reference_id":"941776","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1074","reference_id":"RHSA-2020:1074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1074"},{"reference_url":"https://usn.ubuntu.com/4646-1/","reference_id":"USN-4646-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4646-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2019-9959"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-crcj-9bh9-7kb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82912?format=json","vulnerability_id":"VCID-cwyp-gapg-yufk","summary":"poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20650","reference_id":"","reference_type":"","scores":[{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57699","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57832","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.5779","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57768","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57726","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57783","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57803","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57833","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57834","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57851","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57808","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57837","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57836","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.57812","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.5777","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20650"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/704","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/704"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html"},{"reference_url":"http://www.securityfocus.com/bid/106459","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106459"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665263","reference_id":"1665263","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665263"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974","reference_id":"917974","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20650","reference_id":"CVE-2018-20650","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://usn.ubuntu.com/3865-1/","reference_id":"USN-3865-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3865-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2018-20650"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cwyp-gapg-yufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70458?format=json","vulnerability_id":"VCID-d5fj-5prg-97f4","summary":"poppler: Out-of-Bounds Read in Poppler","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32365","reference_id":"","reference_type":"","scores":[{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23524","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23232","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23195","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23184","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23176","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23073","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23158","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23561","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23343","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23416","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23466","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23484","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23446","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23391","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23408","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23403","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23385","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-32365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191","reference_id":"1102191","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577","reference_id":"1577","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792","reference_id":"1792","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2357656","reference_id":"2357656","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2357656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0126","reference_id":"RHSA-2026:0126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0126"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0128","reference_id":"RHSA-2026:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0130","reference_id":"RHSA-2026:0130","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0130"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0772","reference_id":"RHSA-2026:0772","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0773","reference_id":"RHSA-2026:0773","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0773"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0774","reference_id":"RHSA-2026:0774","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0795","reference_id":"RHSA-2026:0795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0796","reference_id":"RHSA-2026:0796","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0796"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0797","reference_id":"RHSA-2026:0797","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0799","reference_id":"RHSA-2026:0799","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0799"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1090","reference_id":"RHSA-2026:1090","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1091","reference_id":"RHSA-2026:1091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1091"},{"reference_url":"https://usn.ubuntu.com/7426-1/","reference_id":"USN-7426-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7426-1/"},{"reference_url":"https://usn.ubuntu.com/7426-2/","reference_id":"USN-7426-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7426-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994387?format=json","purl":"pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1"}],"aliases":["CVE-2025-32365"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d5fj-5prg-97f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81122?format=json","vulnerability_id":"VCID-enu8-gjre-fbap","summary":"poppler: uncontrolled recursion in pdfinfo and pdftops","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-23804","reference_id":"","reference_type":"","scores":[{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49843","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.4988","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49909","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49859","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49913","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49906","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49925","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49897","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49898","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49944","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49917","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49904","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49911","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49864","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49781","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.4984","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49868","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-23804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234526","reference_id":"2234526","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234526"},{"reference_url":"https://usn.ubuntu.com/6508-1/","reference_id":"USN-6508-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6508-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2020-23804"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enu8-gjre-fbap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83020?format=json","vulnerability_id":"VCID-ervj-1sdg-b3bm","summary":"poppler: pdfdetach utility does not validate save paths","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19060","reference_id":"","reference_type":"","scores":[{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35073","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35273","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35301","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35227","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35252","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35256","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35221","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35197","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35235","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35172","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34938","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34919","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34829","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34701","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34774","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34811","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19060"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649450","reference_id":"1649450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649450"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182","reference_id":"913182","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://usn.ubuntu.com/3837-1/","reference_id":"USN-3837-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3837-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2018-19060"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ervj-1sdg-b3bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49987?format=json","vulnerability_id":"VCID-h3q1-dbx2-hubv","summary":"A vulnerability has been discovered in Poppler which could allow for arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38784","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24652","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24689","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24461","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24531","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24591","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24547","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24506","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24499","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.25987","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26051","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26106","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26228","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26152","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26149","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26098","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971","reference_id":"1018971","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2124527","reference_id":"2124527","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2124527"},{"reference_url":"https://security.archlinux.org/AVG-2812","reference_id":"AVG-2812","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2812"},{"reference_url":"https://security.gentoo.org/glsa/202209-21","reference_id":"GLSA-202209-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202209-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2259","reference_id":"RHSA-2023:2259","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2259"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2810","reference_id":"RHSA-2023:2810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2810"},{"reference_url":"https://usn.ubuntu.com/5606-1/","reference_id":"USN-5606-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5606-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2022-38784"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h3q1-dbx2-hubv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82698?format=json","vulnerability_id":"VCID-k1uz-1eqt-pbc6","summary":"poppler: buffer overflow in HtmlOutputDev::page","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18839","reference_id":"","reference_type":"","scores":[{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39864","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40012","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39595","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39514","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39579","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40038","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39958","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40011","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40025","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40035","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39998","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39978","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.40028","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39999","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39919","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39745","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.3973","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00182","scoring_system":"epss","scoring_elements":"0.39644","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234524","reference_id":"2234524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234524"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/742","reference_id":"742","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:29:54Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/742"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2020-18839"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k1uz-1eqt-pbc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78188?format=json","vulnerability_id":"VCID-n1sx-y7xc-kqfb","summary":"poppler: NULL pointer dereference in `FoFiType1C::convertToType1`","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36024","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26431","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26481","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26146","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26145","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26027","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26091","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26524","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26305","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26373","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26423","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26385","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26327","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26335","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26308","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26272","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26203","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26196","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016","reference_id":"1016","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2231520","reference_id":"2231520","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2231520"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html","reference_id":"msg00017.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2979","reference_id":"RHSA-2024:2979","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2979"},{"reference_url":"https://usn.ubuntu.com/6299-1/","reference_id":"USN-6299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6299-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994387?format=json","purl":"pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1"}],"aliases":["CVE-2020-36024"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n1sx-y7xc-kqfb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79175?format=json","vulnerability_id":"VCID-nqqu-29qr-wfec","summary":"poppler: reachable assertion due to a failure in markObject()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37052","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07427","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07674","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07467","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0746","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07606","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07469","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07451","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07509","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07532","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07534","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0752","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07507","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07429","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07418","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07547","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07508","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07498","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278","reference_id":"1278","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234530","reference_id":"2234530","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234530"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c","reference_id":"8677500399fc2548fa816b619580c2c07915a98c","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c"},{"reference_url":"https://usn.ubuntu.com/6508-1/","reference_id":"USN-6508-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6508-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994387?format=json","purl":"pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1"}],"aliases":["CVE-2022-37052"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqqu-29qr-wfec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49250?format=json","vulnerability_id":"VCID-qtb6-gvjp-cqbq","summary":"Multiple vulnerabilities have been discovered in Poppler, the worst of which could lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27337","reference_id":"","reference_type":"","scores":[{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46733","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46649","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46713","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46773","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46793","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46742","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46797","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46796","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46819","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46791","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46798","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46854","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46851","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46799","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46782","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00237","scoring_system":"epss","scoring_elements":"0.46744","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27337"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695","reference_id":"1010695","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087190","reference_id":"2087190","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087190"},{"reference_url":"https://security.archlinux.org/AVG-2812","reference_id":"AVG-2812","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2812"},{"reference_url":"https://security.gentoo.org/glsa/202509-01","reference_id":"GLSA-202509-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202509-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7594","reference_id":"RHSA-2022:7594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8151","reference_id":"RHSA-2022:8151","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8151"},{"reference_url":"https://usn.ubuntu.com/6273-1/","reference_id":"USN-6273-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6273-1/"},{"reference_url":"https://usn.ubuntu.com/7687-1/","reference_id":"USN-7687-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7687-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2022-27337"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qtb6-gvjp-cqbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82677?format=json","vulnerability_id":"VCID-s3q2-uvnc-wfep","summary":"poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10871","reference_id":"","reference_type":"","scores":[{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70182","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70381","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70335","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70308","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70349","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70194","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70211","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70188","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70234","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70249","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70272","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70257","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70244","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70286","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70295","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70276","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.7033","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70338","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10871"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/751","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/751"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/"},{"reference_url":"http://www.securityfocus.com/bid/107862","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107862"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1696636","reference_id":"1696636","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1696636"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529","reference_id":"926529","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10871","reference_id":"CVE-2019-10871","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10871"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1074","reference_id":"RHSA-2020:1074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1074"},{"reference_url":"https://usn.ubuntu.com/4646-1/","reference_id":"USN-4646-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4646-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2019-10871"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s3q2-uvnc-wfep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72599?format=json","vulnerability_id":"VCID-tfe8-bq62-3ke4","summary":"Poppler: out-of-bounds read","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56378","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53704","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53779","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53783","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53765","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53731","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53742","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53709","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53659","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53679","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53707","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53728","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53725","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53774","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53757","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53741","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-56378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322","reference_id":"1091322","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553","reference_id":"1553","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2333794","reference_id":"2333794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2333794"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e","reference_id":"ade9b5ebed44b0c15522c27669ef6cdf93eff84e","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621","reference_id":"CMakeLists.txt#L621","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/"}],"url":"https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621"},{"reference_url":"https://usn.ubuntu.com/7213-1/","reference_id":"USN-7213-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7213-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994387?format=json","purl":"pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1"}],"aliases":["CVE-2024-56378"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tfe8-bq62-3ke4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83023?format=json","vulnerability_id":"VCID-tt3h-qbbv-zuev","summary":"poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18897","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35201","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3562","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35609","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3556","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35321","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35301","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35221","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35103","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35173","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41536","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41626","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41653","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.4158","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.4163","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41639","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41663","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41629","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18897"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646546","reference_id":"1646546","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646546"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164","reference_id":"913164","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2018-18897"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tt3h-qbbv-zuev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83019?format=json","vulnerability_id":"VCID-wbyn-9mx6-a3gd","summary":"poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19059","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.3222","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32355","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32392","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32217","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32266","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32295","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32296","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32258","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32226","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32261","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32241","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32212","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.3205","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31923","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31842","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31695","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31769","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31777","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19059"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649440","reference_id":"1649440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649440"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180","reference_id":"913180","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://usn.ubuntu.com/3837-1/","reference_id":"USN-3837-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3837-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2018-19059"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wbyn-9mx6-a3gd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83018?format=json","vulnerability_id":"VCID-zzy2-1yr8-83cf","summary":"poppler: reachable abort in Object.h","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19058","reference_id":"","reference_type":"","scores":[{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.50976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51029","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51054","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51011","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51068","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51065","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51108","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51087","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51071","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.5111","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51116","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51093","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51041","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51049","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51009","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.50941","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.50992","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51023","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19058"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649435","reference_id":"1649435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649435"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177","reference_id":"913177","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://usn.ubuntu.com/3837-1/","reference_id":"USN-3837-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3837-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994386?format=json","purl":"pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-48d5-zxmm-r3g4"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-a8zz-dfdm-1uf7"},{"vulnerability":"VCID-anb3-1s96-wbaq"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-ygrf-gq35-fkfd"},{"vulnerability":"VCID-yy6j-1h5z-wbgp"},{"vulnerability":"VCID-yyxy-juya-a3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1"}],"aliases":["CVE-2018-19058"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zzy2-1yr8-83cf"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83248?format=json","vulnerability_id":"VCID-29b3-s5n9-5fd8","summary":"poppler: out of bounds read in pdfunite","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13988","reference_id":"","reference_type":"","scores":[{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70826","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70674","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70719","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70726","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70705","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70758","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70768","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70749","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.70789","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74734","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74681","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74684","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.7471","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74685","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74717","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74731","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00841","scoring_system":"epss","scoring_elements":"0.74755","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13988"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602838","reference_id":"1602838","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1602838"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922","reference_id":"904922","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3140","reference_id":"RHSA-2018:3140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3140"},{"reference_url":"https://usn.ubuntu.com/3757-1/","reference_id":"USN-3757-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3757-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2018-13988"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29b3-s5n9-5fd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83989?format=json","vulnerability_id":"VCID-3kw1-pxdk-27h4","summary":"poppler: NULL pointer dereference in the SplashOutputDev::type3D0() function","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14927","reference_id":"","reference_type":"","scores":[{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35782","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36207","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36182","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36224","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36209","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.36157","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35926","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35894","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35808","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35692","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.35761","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49438","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4937","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49424","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4942","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49361","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49389","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49417","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14927"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=102604","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=102604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500324","reference_id":"1500324","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500324"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237","reference_id":"877237","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14927","reference_id":"CVE-2017-14927","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14927"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14927"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3kw1-pxdk-27h4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69077?format=json","vulnerability_id":"VCID-3u3m-ru9u-buem","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9775","reference_id":"","reference_type":"","scores":[{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73105","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73055","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73065","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73062","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00742","scoring_system":"epss","scoring_elements":"0.73084","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73598","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73594","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.7363","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73643","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73666","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73648","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.7364","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73684","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73693","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73589","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00778","scoring_system":"epss","scoring_elements":"0.73622","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466442","reference_id":"1466442","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466442"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680","reference_id":"865680","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680"},{"reference_url":"https://security.archlinux.org/ASA-201706-33","reference_id":"ASA-201706-33","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-33"},{"reference_url":"https://security.archlinux.org/AVG-326","reference_id":"AVG-326","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2551","reference_id":"RHSA-2017:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2551"},{"reference_url":"https://usn.ubuntu.com/3350-1/","reference_id":"USN-3350-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3350-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-9775"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3u3m-ru9u-buem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69084?format=json","vulnerability_id":"VCID-44yv-r4hg-17db","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14520","reference_id":"","reference_type":"","scores":[{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44835","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45044","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44995","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44904","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44913","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44856","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44749","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44818","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44956","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45008","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45031","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.44999","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45001","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00223","scoring_system":"epss","scoring_elements":"0.45051","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51975","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.51927","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14520"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=102719","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=102719"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2018/dsa-4079","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4079"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494582","reference_id":"1494582","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1494582"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081","reference_id":"876081","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14520","reference_id":"CVE-2017-14520","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14520"},{"reference_url":"https://usn.ubuntu.com/3440-1/","reference_id":"USN-3440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14520"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44yv-r4hg-17db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82120?format=json","vulnerability_id":"VCID-5jej-esjt-uqak","summary":"poppler: integer overflow in Parser::makeStream in Parser.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-21009","reference_id":"","reference_type":"","scores":[{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65047","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65262","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65188","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.6517","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65217","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65097","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65124","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65088","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65137","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.6515","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65169","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65159","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65131","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65167","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65177","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65161","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65176","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.6519","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-21009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1753850","reference_id":"1753850","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1753850"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-21009","reference_id":"CVE-2018-21009","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-21009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1074","reference_id":"RHSA-2020:1074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1074"},{"reference_url":"https://usn.ubuntu.com/4646-1/","reference_id":"USN-4646-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4646-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2018-21009"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5jej-esjt-uqak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82919?format=json","vulnerability_id":"VCID-74sz-r8kq-qkd5","summary":"poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20551","reference_id":"","reference_type":"","scores":[{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54012","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54113","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54067","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54016","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54057","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.5403","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54056","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54033","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54085","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54083","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54129","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54111","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54094","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54133","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54137","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00309","scoring_system":"epss","scoring_elements":"0.54117","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/703","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/703"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665259","reference_id":"1665259","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665259"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525","reference_id":"917525","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20551","reference_id":"CVE-2018-20551","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://usn.ubuntu.com/3886-1/","reference_id":"USN-3886-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3886-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2018-20551"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-74sz-r8kq-qkd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83988?format=json","vulnerability_id":"VCID-7n47-6efe-eybd","summary":"poppler: NULL pointer dereference in the AnnotRichMedia::Content::Content","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14926","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38281","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.3867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38643","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38691","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38669","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38591","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38438","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38414","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38322","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38203","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38271","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52531","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52433","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52486","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.5248","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52395","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.5244","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52468","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14926"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=102601","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=102601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500323","reference_id":"1500323","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500323"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239","reference_id":"877239","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14926","reference_id":"CVE-2017-14926","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14926"},{"reference_url":"https://usn.ubuntu.com/3440-1/","reference_id":"USN-3440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14926"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7n47-6efe-eybd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82739?format=json","vulnerability_id":"VCID-7p5r-eqxs-tugv","summary":"poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9631","reference_id":"","reference_type":"","scores":[{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84271","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84467","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84405","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84425","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84451","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84284","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84303","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84304","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84326","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84331","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84349","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84342","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84338","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.8436","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84361","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.84364","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.8439","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02178","scoring_system":"epss","scoring_elements":"0.844","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/736","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/736"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1686802","reference_id":"1686802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1686802"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673","reference_id":"926673","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9631","reference_id":"CVE-2019-9631","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9631"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2019-9631"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7p5r-eqxs-tugv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56083?format=json","vulnerability_id":"VCID-bvmu-gq2p-jygf","summary":"Multiple vulnerabilities have been found in Poppler, the worst of\n    which could allow the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7511","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44143","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.54933","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.54958","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55038","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55063","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55088","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.551","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.5508","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55101","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55105","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55083","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55015","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55034","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0032","scoring_system":"epss","scoring_elements":"0.55007","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1456827","reference_id":"1456827","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1456827"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759","reference_id":"863759","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759"},{"reference_url":"https://security.gentoo.org/glsa/201801-17","reference_id":"GLSA-201801-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-17"},{"reference_url":"https://usn.ubuntu.com/3350-1/","reference_id":"USN-3350-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3350-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-7511"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvmu-gq2p-jygf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69081?format=json","vulnerability_id":"VCID-csqv-t3cr-4uap","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14517","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45778","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45897","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45904","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45956","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.4595","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45896","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45845","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45855","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45798","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45696","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.45759","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61454","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.6137","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61417","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61433","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61293","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61372","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61401","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14517"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=102687","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=102687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2018/dsa-4079","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4079"},{"reference_url":"http://www.securityfocus.com/bid/105050","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/105050"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499162","reference_id":"1499162","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499162"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079","reference_id":"876079","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14517","reference_id":"CVE-2017-14517","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14517"},{"reference_url":"https://usn.ubuntu.com/3433-1/","reference_id":"USN-3433-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3433-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14517"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-csqv-t3cr-4uap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82678?format=json","vulnerability_id":"VCID-dh3p-2g4s-wke6","summary":"poppler: heap-based buffer over-read in function Splash::blitTransparent in splash/Splash.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10872","reference_id":"","reference_type":"","scores":[{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76097","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76304","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76244","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76254","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76283","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.761","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76132","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76112","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76145","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76158","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76183","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76159","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76156","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76198","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76201","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76184","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76223","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00935","scoring_system":"epss","scoring_elements":"0.76233","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10872"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/750","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/750"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00002.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/"},{"reference_url":"http://www.securityfocus.com/bid/107862","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107862"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1696638","reference_id":"1696638","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1696638"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530","reference_id":"926530","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10872","reference_id":"CVE-2019-10872","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10872"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2019-10872"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dh3p-2g4s-wke6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60453?format=json","vulnerability_id":"VCID-ervb-318m-tygv","summary":"Multiple vulnerabilities have been found in Poppler, the worst of\n    which could allow a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14975","reference_id":"","reference_type":"","scores":[{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.7795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.7814","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78074","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78087","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78098","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78125","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77957","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77986","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77967","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77994","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77999","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78026","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78008","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78007","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78042","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78041","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78034","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78066","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14975"},{"reference_url":"https://bugzilla.freedesktop.org/show_bug.cgi?id=102653","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.freedesktop.org/show_bug.cgi?id=102653"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4079","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4079"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500343","reference_id":"1500343","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500343"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957","reference_id":"877957","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14975","reference_id":"CVE-2017-14975","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14975"},{"reference_url":"https://security.gentoo.org/glsa/201804-03","reference_id":"GLSA-201804-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-03"},{"reference_url":"https://usn.ubuntu.com/3440-1/","reference_id":"USN-3440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14975"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ervb-318m-tygv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60455?format=json","vulnerability_id":"VCID-ex2h-ahg3-s7b9","summary":"Multiple vulnerabilities have been found in Poppler, the worst of\n    which could allow a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14977","reference_id":"","reference_type":"","scores":[{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.7795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.7814","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78074","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78087","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78098","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78125","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77957","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77986","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77967","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77994","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.77999","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78026","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78008","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78007","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78042","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78041","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78034","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78066","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14977"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=103045","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=103045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4079","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4079"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500344","reference_id":"1500344","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500344"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952","reference_id":"877952","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14977","reference_id":"CVE-2017-14977","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14977"},{"reference_url":"https://security.gentoo.org/glsa/201804-03","reference_id":"GLSA-201804-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-03"},{"reference_url":"https://usn.ubuntu.com/3440-1/","reference_id":"USN-3440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14977"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ex2h-ahg3-s7b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56087?format=json","vulnerability_id":"VCID-gt34-muf6-abc7","summary":"Multiple vulnerabilities have been found in Poppler, the worst of\n    which could allow the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9865","reference_id":"","reference_type":"","scores":[{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73288","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73471","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73423","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73448","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73297","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73321","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73293","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73329","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73342","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73366","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73346","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73338","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73381","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73389","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73383","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73416","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73429","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73427","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466435","reference_id":"1466435","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466435"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477","reference_id":"867477","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477"},{"reference_url":"https://security.gentoo.org/glsa/201801-17","reference_id":"GLSA-201801-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-17"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-9865"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gt34-muf6-abc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69082?format=json","vulnerability_id":"VCID-h1ka-xthk-rug9","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14518","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50569","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.5064","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50667","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50673","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50652","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.506","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50608","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50562","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50486","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50539","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.5739","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57321","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57372","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57374","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.5724","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57322","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00348","scoring_system":"epss","scoring_elements":"0.57345","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14518"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=102688","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=102688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2018/dsa-4079","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4079"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499163","reference_id":"1499163","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499163"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082","reference_id":"876082","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14518","reference_id":"CVE-2017-14518","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14518"},{"reference_url":"https://usn.ubuntu.com/3440-1/","reference_id":"USN-3440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14518"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h1ka-xthk-rug9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83934?format=json","vulnerability_id":"VCID-hf11-8tk1-5kc4","summary":"poppler: Memory corruption via Gfx.cc infinite loop","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14929","reference_id":"","reference_type":"","scores":[{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.4082","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41128","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41171","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41142","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41069","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.4097","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.40957","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.40874","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.40732","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.40805","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00192","scoring_system":"epss","scoring_elements":"0.41145","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64589","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64693","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64642","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64671","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64629","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64677","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14929"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=102969","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=102969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929"},{"reference_url":"https://www.debian.org/security/2018/dsa-4097","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4097"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499167","reference_id":"1499167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499167"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222","reference_id":"877222","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14929","reference_id":"CVE-2017-14929","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14929"},{"reference_url":"https://usn.ubuntu.com/3440-1/","reference_id":"USN-3440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14929"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hf11-8tk1-5kc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82927?format=json","vulnerability_id":"VCID-hmbq-4c5b-ukd7","summary":"poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20481","reference_id":"","reference_type":"","scores":[{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78778","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78953","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78901","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78918","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.7894","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78785","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78816","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78799","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78825","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78831","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78854","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78837","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78828","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78856","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78853","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.7885","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78878","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0119","scoring_system":"epss","scoring_elements":"0.78885","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20481"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/692","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/692"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html"},{"reference_url":"http://www.securityfocus.com/bid/106321","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106321"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665266","reference_id":"1665266","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665266"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325","reference_id":"917325","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20481","reference_id":"CVE-2018-20481","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20481"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://usn.ubuntu.com/3865-1/","reference_id":"USN-3865-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3865-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2018-20481"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hmbq-4c5b-ukd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83958?format=json","vulnerability_id":"VCID-hszt-6bxr-syfe","summary":"poppler: Floating point exception in the ImageStream class","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14617","reference_id":"","reference_type":"","scores":[{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.66908","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67097","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67011","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67045","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67044","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67058","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.66946","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.66972","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.66996","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67008","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67028","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67014","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.66983","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67016","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00525","scoring_system":"epss","scoring_elements":"0.67031","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14617"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=102854","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=102854"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499905","reference_id":"1499905","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499905"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385","reference_id":"876385","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14617","reference_id":"CVE-2017-14617","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14617"},{"reference_url":"https://usn.ubuntu.com/3440-1/","reference_id":"USN-3440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14617"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hszt-6bxr-syfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84282?format=json","vulnerability_id":"VCID-jauh-5qga-hucw","summary":"poppler: Stack exhaustion due to infinite recursive call in pdfunite","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7515","reference_id":"","reference_type":"","scores":[{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44077","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.43924","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.43832","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.43906","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44141","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44164","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44095","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44146","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44149","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44165","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44193","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44184","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44113","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.44037","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.4404","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00216","scoring_system":"epss","scoring_elements":"0.43955","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P"},{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459066","reference_id":"1459066","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1459066"},{"reference_url":"https://usn.ubuntu.com/3350-1/","reference_id":"USN-3350-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3350-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-7515"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jauh-5qga-hucw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82909?format=json","vulnerability_id":"VCID-jc37-xtrj-p3cm","summary":"poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20662","reference_id":"","reference_type":"","scores":[{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69132","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69345","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69292","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69269","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69311","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69148","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69169","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.6915","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.692","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69218","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.6924","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69226","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69198","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69237","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69245","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69224","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69276","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69284","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20662"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/706","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/706"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665273","reference_id":"1665273","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1665273"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158","reference_id":"918158","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20662","reference_id":"CVE-2018-20662","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-20662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2018-20662"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jc37-xtrj-p3cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56085?format=json","vulnerability_id":"VCID-jd42-3thk-rqhr","summary":"Multiple vulnerabilities have been found in Poppler, the worst of\n    which could allow the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9406","reference_id":"","reference_type":"","scores":[{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77441","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.7764","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77588","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77617","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77453","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77482","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77492","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77517","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77498","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77495","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77534","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77531","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77524","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77559","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77565","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.7758","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458701","reference_id":"1458701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458701"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010","reference_id":"864010","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010"},{"reference_url":"https://security.gentoo.org/glsa/201801-17","reference_id":"GLSA-201801-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-17"},{"reference_url":"https://usn.ubuntu.com/3350-1/","reference_id":"USN-3350-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3350-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-9406"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jd42-3thk-rqhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60452?format=json","vulnerability_id":"VCID-jw5j-xk5g-v3b1","summary":"Multiple vulnerabilities have been found in Poppler, the worst of\n    which could allow a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000456","reference_id":"","reference_type":"","scores":[{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72591","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72545","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72536","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72566","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72416","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72434","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72449","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72462","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72485","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72467","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72457","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72499","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72508","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72497","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.7254","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00719","scoring_system":"epss","scoring_elements":"0.72547","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000456"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=103116","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=103116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4097","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4097"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1531382","reference_id":"1531382","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1531382"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000456","reference_id":"CVE-2017-1000456","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000456"},{"reference_url":"https://security.gentoo.org/glsa/201804-03","reference_id":"GLSA-201804-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-03"},{"reference_url":"https://usn.ubuntu.com/3517-1/","reference_id":"USN-3517-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3517-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-1000456"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jw5j-xk5g-v3b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60454?format=json","vulnerability_id":"VCID-kf69-av43-wffs","summary":"Multiple vulnerabilities have been found in Poppler, the worst of\n    which could allow a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14976","reference_id":"","reference_type":"","scores":[{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.77912","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.78102","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.78037","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.7805","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.78059","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.78086","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.77919","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.77946","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.77929","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.77956","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.7796","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.77987","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.7797","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.77969","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.78004","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.77997","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01093","scoring_system":"epss","scoring_elements":"0.78029","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14976"},{"reference_url":"https://bugzilla.freedesktop.org/show_bug.cgi?id=102724","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.freedesktop.org/show_bug.cgi?id=102724"},{"reference_url":"https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf","reference_id":"","reference_type":"","scores":[],"url":"https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4079","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4079"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500345","reference_id":"1500345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954","reference_id":"877954","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14976","reference_id":"CVE-2017-14976","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14976"},{"reference_url":"https://security.gentoo.org/glsa/201804-03","reference_id":"GLSA-201804-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-03"},{"reference_url":"https://usn.ubuntu.com/3517-1/","reference_id":"USN-3517-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3517-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14976"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kf69-av43-wffs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69080?format=json","vulnerability_id":"VCID-kwa4-641f-ducs","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9776","reference_id":"","reference_type":"","scores":[{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79262","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79438","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79388","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79397","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79419","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79269","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79293","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79279","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79304","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79314","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79338","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79322","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.7931","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79337","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79334","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79367","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01248","scoring_system":"epss","scoring_elements":"0.79372","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466443","reference_id":"1466443","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1466443"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679","reference_id":"865679","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679"},{"reference_url":"https://security.archlinux.org/ASA-201706-33","reference_id":"ASA-201706-33","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201706-33"},{"reference_url":"https://security.archlinux.org/AVG-326","reference_id":"AVG-326","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2550","reference_id":"RHSA-2017:2550","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2550"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2551","reference_id":"RHSA-2017:2551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2551"},{"reference_url":"https://usn.ubuntu.com/3440-1/","reference_id":"USN-3440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-9776"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kwa4-641f-ducs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69083?format=json","vulnerability_id":"VCID-mqt3-g77k-xqer","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14519","reference_id":"","reference_type":"","scores":[{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3098","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31485","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31448","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31482","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31461","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3143","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31261","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31136","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31056","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30907","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30975","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62963","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62878","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62929","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62945","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62826","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62884","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.62914","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14519"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=102701","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=102701"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2018/dsa-4079","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4079"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499165","reference_id":"1499165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1499165"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086","reference_id":"876086","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14519","reference_id":"CVE-2017-14519","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14519"},{"reference_url":"https://usn.ubuntu.com/3433-1/","reference_id":"USN-3433-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3433-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14519"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqt3-g77k-xqer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82518?format=json","vulnerability_id":"VCID-myjj-5fsv-sybj","summary":"poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12293","reference_id":"","reference_type":"","scores":[{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76282","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76286","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76316","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76295","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76328","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76369","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76347","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76382","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76388","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76372","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76406","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76414","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76427","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76416","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76445","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00948","scoring_system":"epss","scoring_elements":"0.76465","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12293"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1713582","reference_id":"1713582","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1713582"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423","reference_id":"929423","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1074","reference_id":"RHSA-2020:1074","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1074"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2019-12293"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myjj-5fsv-sybj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93837?format=json","vulnerability_id":"VCID-ncat-8jz5-m7e5","summary":"An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10018","reference_id":"","reference_type":"","scores":[{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55366","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55268","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.5531","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55246","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55345","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55369","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55347","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55398","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55408","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55387","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55368","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55404","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55326","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00323","scoring_system":"epss","scoring_elements":"0.55319","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10018"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276","reference_id":"","reference_type":"","scores":[],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133","reference_id":"926133","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:4.01.01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:xpdfreader:xpdf:4.01.01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:4.01.01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10018","reference_id":"CVE-2019-10018","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10018"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2019-10018"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ncat-8jz5-m7e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83987?format=json","vulnerability_id":"VCID-pc5k-98kh-suce","summary":"poppler: NULL pointer dereference in the AnnotRichMedia::Configuration::Configuration","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14928","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38281","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.3867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38643","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38691","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38669","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38591","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38438","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38414","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38322","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38203","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38271","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52531","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52433","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52486","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.5248","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52395","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.5244","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52468","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14928"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=102607","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=102607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:C"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500322","reference_id":"1500322","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500322"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231","reference_id":"877231","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14928","reference_id":"CVE-2017-14928","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-14928"},{"reference_url":"https://usn.ubuntu.com/3440-1/","reference_id":"USN-3440-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3440-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-14928"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pc5k-98kh-suce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41481?format=json","vulnerability_id":"VCID-qdcv-xd8k-8qbu","summary":"Multiple vulnerabilities have been found in Poppler, the worst of\n    which could allow a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19149","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49446","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49474","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.495","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49453","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49508","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49504","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49521","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49493","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49495","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49542","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.4954","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49511","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49502","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49467","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49384","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49444","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49472","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649457","reference_id":"1649457","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649457"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600","reference_id":"914600","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600"},{"reference_url":"https://security.gentoo.org/glsa/201904-04","reference_id":"GLSA-201904-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201904-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://usn.ubuntu.com/3837-1/","reference_id":"USN-3837-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3837-1/"},{"reference_url":"https://usn.ubuntu.com/3837-2/","reference_id":"USN-3837-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3837-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2018-19149"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcv-xd8k-8qbu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83892?format=json","vulnerability_id":"VCID-qjj9-dejh-vuaq","summary":"poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2019:0327","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHBA-2019:0327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3505","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3505"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18267","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50793","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.5084","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50831","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50757","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50809","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50848","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50874","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50832","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50889","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50887","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50929","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50907","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50891","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50935","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50915","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50863","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.50871","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18267"},{"reference_url":"https://bugzilla.freedesktop.org/show_bug.cgi?id=103238","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.freedesktop.org/show_bug.cgi?id=103238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578777","reference_id":"1578777","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578777"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357","reference_id":"898357","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-18267","reference_id":"CVE-2017-18267","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-18267"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3140","reference_id":"RHSA-2018:3140","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3140"},{"reference_url":"https://usn.ubuntu.com/3647-1/","reference_id":"USN-3647-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3647-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-18267"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qjj9-dejh-vuaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82803?format=json","vulnerability_id":"VCID-qpwe-7kfy-pyb8","summary":"poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7310","reference_id":"","reference_type":"","scores":[{"value":"0.003","scoring_system":"epss","scoring_elements":"0.5322","published_at":"2026-04-01T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.5333","published_at":"2026-05-09T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53308","published_at":"2026-04-26T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53271","published_at":"2026-04-29T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53228","published_at":"2026-05-05T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53278","published_at":"2026-05-07T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53244","published_at":"2026-04-02T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53269","published_at":"2026-04-04T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53236","published_at":"2026-04-07T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53289","published_at":"2026-04-08T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53283","published_at":"2026-04-09T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53333","published_at":"2026-04-11T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53318","published_at":"2026-04-12T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53301","published_at":"2026-04-13T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53339","published_at":"2026-04-16T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53344","published_at":"2026-04-18T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53324","published_at":"2026-04-21T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53296","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7310"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/717","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/717"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/"},{"reference_url":"http://www.securityfocus.com/bid/106829","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106829"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672419","reference_id":"1672419","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672419"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215","reference_id":"921215","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215"},{"reference_url":"https://security.archlinux.org/AVG-869","reference_id":"AVG-869","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-869"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7310","reference_id":"CVE-2019-7310","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://usn.ubuntu.com/3886-1/","reference_id":"USN-3886-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3886-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2019-7310"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpwe-7kfy-pyb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69085?format=json","vulnerability_id":"VCID-qsy6-em2u-cyd2","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15565","reference_id":"","reference_type":"","scores":[{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69878","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70082","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70009","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70051","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.6989","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69905","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69882","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.6993","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69946","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.6997","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69954","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.6994","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69984","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69994","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.69975","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70026","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70034","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15565"},{"reference_url":"https://bugs.freedesktop.org/show_bug.cgi?id=103016","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.freedesktop.org/show_bug.cgi?id=103016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4079","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2018/dsa-4079"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1510977","reference_id":"1510977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1510977"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066","reference_id":"879066","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15565","reference_id":"CVE-2017-15565","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15565"},{"reference_url":"https://usn.ubuntu.com/3467-1/","reference_id":"USN-3467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-15565"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qsy6-em2u-cyd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82764?format=json","vulnerability_id":"VCID-tu6x-7fgv-1ffu","summary":"poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9200","reference_id":"","reference_type":"","scores":[{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.89978","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.9009","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90052","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90063","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90078","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.8998","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.89993","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.89998","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90014","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90019","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90029","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90027","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90021","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90037","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90035","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05298","scoring_system":"epss","scoring_elements":"0.90053","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9200"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/728","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/728"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/"},{"reference_url":"https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/","reference_id":"","reference_type":"","scores":[],"url":"https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/"},{"reference_url":"http://www.securityfocus.com/bid/107172","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107172"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1683632","reference_id":"1683632","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1683632"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414","reference_id":"923414","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9200","reference_id":"CVE-2019-9200","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-9200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2713","reference_id":"RHSA-2019:2713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2713"},{"reference_url":"https://usn.ubuntu.com/3905-1/","reference_id":"USN-3905-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3905-1/"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2019-9200"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tu6x-7fgv-1ffu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82681?format=json","vulnerability_id":"VCID-tzdq-9gfz-yud5","summary":"poppler: null-pointer dereference in function SplashClip::clipAALine in splash/SplashClip.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10873","reference_id":"","reference_type":"","scores":[{"value":"0.00788","scoring_system":"epss","scoring_elements":"0.73977","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00788","scoring_system":"epss","scoring_elements":"0.73923","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00788","scoring_system":"epss","scoring_elements":"0.73932","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00788","scoring_system":"epss","scoring_elements":"0.73928","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00788","scoring_system":"epss","scoring_elements":"0.73954","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75679","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75689","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75723","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75734","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75758","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75739","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75733","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.7577","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75773","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75759","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.75676","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00905","scoring_system":"epss","scoring_elements":"0.7571","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/poppler/poppler/issues/748","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.freedesktop.org/poppler/poppler/issues/748"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/"},{"reference_url":"http://www.securityfocus.com/bid/107862","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/107862"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1696637","reference_id":"1696637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1696637"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532","reference_id":"926532","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10873","reference_id":"CVE-2019-10873","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10873"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2019-10873"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzdq-9gfz-yud5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83187?format=json","vulnerability_id":"VCID-yyzk-7mqj-m7hq","summary":"poppler: infinite recursion in Parser::getObj function in Parser.cc","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16646","reference_id":"","reference_type":"","scores":[{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71552","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71559","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71577","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.7155","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.7159","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.716","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71624","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.71608","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02049","scoring_system":"epss","scoring_elements":"0.83994","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02049","scoring_system":"epss","scoring_elements":"0.83862","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02049","scoring_system":"epss","scoring_elements":"0.83895","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02049","scoring_system":"epss","scoring_elements":"0.83896","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02049","scoring_system":"epss","scoring_elements":"0.83921","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02049","scoring_system":"epss","scoring_elements":"0.83929","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02049","scoring_system":"epss","scoring_elements":"0.83933","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02049","scoring_system":"epss","scoring_elements":"0.83956","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02049","scoring_system":"epss","scoring_elements":"0.83978","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16646"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626618","reference_id":"1626618","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626618"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802","reference_id":"909802","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2022","reference_id":"RHSA-2019:2022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2022"},{"reference_url":"https://usn.ubuntu.com/3837-1/","reference_id":"USN-3837-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3837-1/"},{"reference_url":"https://usn.ubuntu.com/3837-2/","reference_id":"USN-3837-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3837-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2018-16646"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yyzk-7mqj-m7hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56086?format=json","vulnerability_id":"VCID-zgja-p6ey-2kex","summary":"Multiple vulnerabilities have been found in Poppler, the worst of\n    which could allow the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9408","reference_id":"","reference_type":"","scores":[{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77441","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.7764","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77588","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77617","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77472","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77453","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77482","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77492","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77517","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77498","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77495","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77534","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77531","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77524","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77559","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.77565","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01046","scoring_system":"epss","scoring_elements":"0.7758","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458702","reference_id":"1458702","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458702"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009","reference_id":"864009","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009"},{"reference_url":"https://security.gentoo.org/glsa/201801-17","reference_id":"GLSA-201801-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-17"},{"reference_url":"https://usn.ubuntu.com/3350-1/","reference_id":"USN-3350-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3350-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035939?format=json","purl":"pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-ebyg-yhza-wkaq"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gfxh-3er7-zyam"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kre4-9v6u-3ked"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qmt5-gtpg-vbg2"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/1037005?format=json","purl":"pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29b3-s5n9-5fd8"},{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-3kw1-pxdk-27h4"},{"vulnerability":"VCID-3u3m-ru9u-buem"},{"vulnerability":"VCID-44yv-r4hg-17db"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5jej-esjt-uqak"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-74sz-r8kq-qkd5"},{"vulnerability":"VCID-7n47-6efe-eybd"},{"vulnerability":"VCID-7p5r-eqxs-tugv"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-bvmu-gq2p-jygf"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-csqv-t3cr-4uap"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-dh3p-2g4s-wke6"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervb-318m-tygv"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-ex2h-ahg3-s7b9"},{"vulnerability":"VCID-gt34-muf6-abc7"},{"vulnerability":"VCID-h1ka-xthk-rug9"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-hf11-8tk1-5kc4"},{"vulnerability":"VCID-hmbq-4c5b-ukd7"},{"vulnerability":"VCID-hszt-6bxr-syfe"},{"vulnerability":"VCID-jauh-5qga-hucw"},{"vulnerability":"VCID-jc37-xtrj-p3cm"},{"vulnerability":"VCID-jd42-3thk-rqhr"},{"vulnerability":"VCID-jw5j-xk5g-v3b1"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-kf69-av43-wffs"},{"vulnerability":"VCID-kwa4-641f-ducs"},{"vulnerability":"VCID-mqt3-g77k-xqer"},{"vulnerability":"VCID-myjj-5fsv-sybj"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-ncat-8jz5-m7e5"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-pc5k-98kh-suce"},{"vulnerability":"VCID-qdcv-xd8k-8qbu"},{"vulnerability":"VCID-qjj9-dejh-vuaq"},{"vulnerability":"VCID-qpwe-7kfy-pyb8"},{"vulnerability":"VCID-qsy6-em2u-cyd2"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-tu6x-7fgv-1ffu"},{"vulnerability":"VCID-tzdq-9gfz-yud5"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-yyzk-7mqj-m7hq"},{"vulnerability":"VCID-zgja-p6ey-2kex"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049255?format=json","purl":"pkg:deb/debian/poppler@0.71.0-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2ck3-hjtt-hbax"},{"vulnerability":"VCID-48ua-ch85-w3cg"},{"vulnerability":"VCID-4ucr-xaac-7uc7"},{"vulnerability":"VCID-5py7-z1gg-9fet"},{"vulnerability":"VCID-72nw-9jgd-4kdw"},{"vulnerability":"VCID-8t2a-b56v-tqcs"},{"vulnerability":"VCID-96jm-1vhy-eyfd"},{"vulnerability":"VCID-bc96-6vy6-ryfz"},{"vulnerability":"VCID-c4wz-u632-eyeh"},{"vulnerability":"VCID-crcj-9bh9-7kb7"},{"vulnerability":"VCID-cwyp-gapg-yufk"},{"vulnerability":"VCID-d5fj-5prg-97f4"},{"vulnerability":"VCID-enu8-gjre-fbap"},{"vulnerability":"VCID-ervj-1sdg-b3bm"},{"vulnerability":"VCID-h3q1-dbx2-hubv"},{"vulnerability":"VCID-k1uz-1eqt-pbc6"},{"vulnerability":"VCID-n1sx-y7xc-kqfb"},{"vulnerability":"VCID-nqqu-29qr-wfec"},{"vulnerability":"VCID-qtb6-gvjp-cqbq"},{"vulnerability":"VCID-s3q2-uvnc-wfep"},{"vulnerability":"VCID-tfe8-bq62-3ke4"},{"vulnerability":"VCID-tt3h-qbbv-zuev"},{"vulnerability":"VCID-wbyn-9mx6-a3gd"},{"vulnerability":"VCID-zzy2-1yr8-83cf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}],"aliases":["CVE-2017-9408"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zgja-p6ey-2kex"}],"risk_score":"3.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5"}