{"url":"http://public2.vulnerablecode.io/api/packages/1055044?format=json","purl":"pkg:deb/debian/libtk-img@1.2.4-1","type":"deb","namespace":"debian","name":"libtk-img","version":"1.2.4-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:1.3-release-7+lenny1","latest_non_vulnerable_version":"1:1.3-release-7+lenny1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57470?format=json","vulnerability_id":"VCID-afvh-nq3e-5ubm","summary":"This GLSA contains notification of vulnerabilities found in several\n    Gentoo packages which have been fixed prior to January 1, 2011. The worst\n    of these vulnerabilities could lead to local privilege escalation and\n    remote code execution. Please see the package list and CVE identifiers\n    below for more information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0553.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0553.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0553","reference_id":"","reference_type":"","scores":[{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90664","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90669","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90679","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90688","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90699","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90705","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90714","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90711","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.9073","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90727","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90725","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90738","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90739","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90734","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.9075","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90769","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90781","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90779","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90789","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06015","scoring_system":"epss","scoring_elements":"0.90801","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0553"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=431518","reference_id":"431518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=431518"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=485785","reference_id":"485785","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=485785"},{"reference_url":"https://security.gentoo.org/glsa/201412-08","reference_id":"GLSA-201412-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0134","reference_id":"RHSA-2008:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0135","reference_id":"RHSA-2008:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0136","reference_id":"RHSA-2008:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0136"},{"reference_url":"https://usn.ubuntu.com/664-1/","reference_id":"USN-664-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/664-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1058674?format=json","purl":"pkg:deb/debian/libtk-img@1:1.3-release-7%2Blenny1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtk-img@1:1.3-release-7%252Blenny1"}],"aliases":["CVE-2008-0553"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afvh-nq3e-5ubm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88890?format=json","vulnerability_id":"VCID-se7e-fj7f-afht","summary":"Tk GIF processing buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5378.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5378.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5378","reference_id":"","reference_type":"","scores":[{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80104","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80111","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80131","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80119","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80147","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80154","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80173","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80158","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80149","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80178","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80179","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80182","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80211","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.8022","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80235","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80251","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80273","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80289","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80285","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80302","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01359","scoring_system":"epss","scoring_elements":"0.80344","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5378"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5378","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5378"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=332021","reference_id":"332021","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=332021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0134","reference_id":"RHSA-2008:0134","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0134"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0135","reference_id":"RHSA-2008:0135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0135"},{"reference_url":"https://usn.ubuntu.com/529-1/","reference_id":"USN-529-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/529-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1055045?format=json","purl":"pkg:deb/debian/libtk-img@1:1.3-13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-afvh-nq3e-5ubm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtk-img@1:1.3-13"}],"aliases":["CVE-2007-5378"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-se7e-fj7f-afht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88648?format=json","vulnerability_id":"VCID-zkgp-yqut-cbeh","summary":"Tk GIF processing buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5137.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5137","reference_id":"","reference_type":"","scores":[{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91887","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91896","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91903","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.9191","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91922","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91931","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.9193","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91927","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91946","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91943","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.9194","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91944","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91939","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91951","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91965","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91974","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91981","published_at":"2026-05-12T12:55:00Z"},{"value":"0.07715","scoring_system":"epss","scoring_elements":"0.91997","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5137"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=290991","reference_id":"290991","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=290991"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0136","reference_id":"RHSA-2008:0136","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0136"},{"reference_url":"https://usn.ubuntu.com/529-1/","reference_id":"USN-529-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/529-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1055045?format=json","purl":"pkg:deb/debian/libtk-img@1:1.3-13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-afvh-nq3e-5ubm"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtk-img@1:1.3-13"}],"aliases":["CVE-2007-5137"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkgp-yqut-cbeh"}],"fixing_vulnerabilities":[],"risk_score":"0.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libtk-img@1.2.4-1"}