VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/105459?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/105459?format=api",
    "purl": "pkg:rpm/redhat/poppler@0.26.5-42?arch=el7",
    "type": "rpm",
    "namespace": "redhat",
    "name": "poppler",
    "version": "0.26.5-42",
    "qualifiers": {
        "arch": "el7"
    },
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": null,
    "latest_non_vulnerable_version": null,
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82120?format=api",
            "vulnerability_id": "VCID-5jej-esjt-uqak",
            "summary": "poppler: integer overflow in Parser::makeStream in Parser.cc",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.9",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21009",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65047",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65262",
                            "published_at": "2026-05-09T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65188",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6517",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65217",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65097",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65124",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65088",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65137",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6515",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65169",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65159",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65131",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65167",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65177",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65161",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65176",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00481",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6519",
                            "published_at": "2026-04-26T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21009"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a"
                },
                {
                    "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html"
                },
                {
                    "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753850",
                    "reference_id": "1753850",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753850"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-21009",
                    "reference_id": "CVE-2018-21009",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.8",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P"
                        },
                        {
                            "value": "8.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-21009"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074",
                    "reference_id": "RHSA-2020:1074",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2020:1074"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4646-1/",
                    "reference_id": "USN-4646-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4646-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2018-21009"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "7.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5jej-esjt-uqak"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63534?format=api",
            "vulnerability_id": "VCID-8ern-kbeb-j3e2",
            "summary": "security update",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11459.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11459.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11459",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.62992",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63051",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6308",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63045",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63096",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63112",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6313",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63116",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63093",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63129",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63136",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63138",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63151",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6315",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63117",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63162",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00438",
                            "scoring_system": "epss",
                            "scoring_elements": "0.63213",
                            "published_at": "2026-05-09T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11459"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000159"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010006",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010006"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11459"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.4",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716295",
                    "reference_id": "1716295",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1716295"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927820",
                    "reference_id": "927820",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927820"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927821",
                    "reference_id": "927821",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927821"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:3553",
                    "reference_id": "RHSA-2019:3553",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:3553"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074",
                    "reference_id": "RHSA-2020:1074",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2020:1074"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3959-1/",
                    "reference_id": "USN-3959-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3959-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7274-1/",
                    "reference_id": "USN-7274-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7274-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2019-11459"
            ],
            "risk_score": 1.5,
            "exploitability": "0.5",
            "weighted_severity": "3.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8ern-kbeb-j3e2"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82344?format=api",
            "vulnerability_id": "VCID-crcj-9bh9-7kb7",
            "summary": "poppler: integer overflow in JPXStream::init function leading to memory consumption",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.2",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9959",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.80975",
                            "published_at": "2026-05-09T12:55:00Z"
                        },
                        {
                            "value": "0.0146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.80953",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.80986",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81009",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81008",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81036",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81043",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8106",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81047",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81039",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81077",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81078",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81075",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81097",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81105",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81113",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81127",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.01488",
                            "scoring_system": "epss",
                            "scoring_elements": "0.80977",
                            "published_at": "2026-04-01T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9959"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732340",
                    "reference_id": "1732340",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732340"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776",
                    "reference_id": "941776",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713",
                    "reference_id": "RHSA-2019:2713",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2713"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074",
                    "reference_id": "RHSA-2020:1074",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2020:1074"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4646-1/",
                    "reference_id": "USN-4646-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4646-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2019-9959"
            ],
            "risk_score": 2.8,
            "exploitability": "0.5",
            "weighted_severity": "5.6",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-crcj-9bh9-7kb7"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82518?format=api",
            "vulnerability_id": "VCID-myjj-5fsv-sybj",
            "summary": "poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.6",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12293",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76282",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76286",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76316",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76295",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76328",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76342",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76369",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76347",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76382",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76388",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76372",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76406",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76414",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76427",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76416",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76445",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00948",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76465",
                            "published_at": "2026-05-09T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12293"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.1",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713582",
                    "reference_id": "1713582",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713582"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423",
                    "reference_id": "929423",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713",
                    "reference_id": "RHSA-2019:2713",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2713"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074",
                    "reference_id": "RHSA-2020:1074",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2020:1074"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4042-1/",
                    "reference_id": "USN-4042-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4042-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2019-12293"
            ],
            "risk_score": 3.0,
            "exploitability": "0.5",
            "weighted_severity": "5.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-myjj-5fsv-sybj"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82677?format=api",
            "vulnerability_id": "VCID-s3q2-uvnc-wfep",
            "summary": "poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.1",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10871",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70182",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70381",
                            "published_at": "2026-05-09T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70335",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70308",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70349",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70194",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70211",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70188",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70234",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70249",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70272",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70257",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70244",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70286",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70295",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70276",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.7033",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00628",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70338",
                            "published_at": "2026-04-26T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10871"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.4",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/751",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/751"
                },
                {
                    "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html"
                },
                {
                    "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/107862",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/107862"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696636",
                    "reference_id": "1696636",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696636"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529",
                    "reference_id": "926529",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10871",
                    "reference_id": "CVE-2019-10871",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10871"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713",
                    "reference_id": "RHSA-2019:2713",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2713"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074",
                    "reference_id": "RHSA-2020:1074",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2020:1074"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/4646-1/",
                    "reference_id": "USN-4646-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/4646-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2019-10871"
            ],
            "risk_score": 3.0,
            "exploitability": "0.5",
            "weighted_severity": "5.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s3q2-uvnc-wfep"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": "4.0",
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/poppler@0.26.5-42%3Farch=el7"
}

Package Instance