Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/106689?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/106689?format=api", "purl": "pkg:rpm/redhat/evince@3.28.2-8?arch=el7", "type": "rpm", "namespace": "redhat", "name": "evince", "version": "3.28.2-8", "qualifiers": { "arch": "el7" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82739?format=api", "vulnerability_id": "VCID-7p5r-eqxs-tugv", "summary": "poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84271", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84515", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84451", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84467", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84484", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84284", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84304", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84331", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84342", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84338", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.8436", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84361", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84364", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.8439", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.844", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84405", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84425", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/736" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686802", "reference_id": "1686802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686802" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673", "reference_id": "926673", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9631", "reference_id": "CVE-2019-9631", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-9631" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7p5r-eqxs-tugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82912?format=api", "vulnerability_id": "VCID-cwyp-gapg-yufk", "summary": "poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57699", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57874", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57832", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57779", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57807", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57783", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57803", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57834", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57851", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57829", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57808", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57837", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57836", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57812", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.5777", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.5779", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57768", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57726", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20650" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/704" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html" }, { "reference_url": "http://www.securityfocus.com/bid/106459", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106459" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665263", "reference_id": "1665263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665263" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974", "reference_id": "917974", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20650", "reference_id": "CVE-2018-20650", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3865-1/", "reference_id": "USN-3865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3865-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-20650" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwyp-gapg-yufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83020?format=api", "vulnerability_id": "VCID-ervj-1sdg-b3bm", "summary": "poppler: pdfdetach utility does not validate save paths", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35073", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35301", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35227", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35252", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35256", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35221", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35235", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35172", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34938", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34919", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34829", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34701", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34774", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34811", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34716", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34741", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34809", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649450", "reference_id": "1649450", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182", "reference_id": "913182", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-19060" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ervj-1sdg-b3bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82927?format=api", "vulnerability_id": "VCID-hmbq-4c5b-ukd7", "summary": "poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78778", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.79007", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78953", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78951", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78969", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78785", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78799", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78825", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78854", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78828", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78856", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78853", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.7885", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78878", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78885", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78901", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78918", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.7894", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/692" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "http://www.securityfocus.com/bid/106321", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106321" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665266", "reference_id": "1665266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665266" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325", "reference_id": "917325", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20481", "reference_id": "CVE-2018-20481", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3865-1/", "reference_id": "USN-3865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3865-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-20481" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmbq-4c5b-ukd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82909?format=api", "vulnerability_id": "VCID-jc37-xtrj-p3cm", "summary": "poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69132", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69383", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69345", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69313", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69338", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69148", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69169", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.6915", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69218", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.6924", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69226", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69198", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69237", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69245", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69276", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69284", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69292", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69269", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69311", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/706" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665273", "reference_id": "1665273", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665273" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158", "reference_id": "918158", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20662", "reference_id": "CVE-2018-20662", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-20662" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jc37-xtrj-p3cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41481?format=api", "vulnerability_id": "VCID-qdcv-xd8k-8qbu", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49446", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.495", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49453", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49508", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49504", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49493", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49495", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49542", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.4954", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49511", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49502", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49467", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49384", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49444", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49472", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.4942", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49447", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49517", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649457", "reference_id": "1649457", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649457" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600", "reference_id": "914600", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600" }, { "reference_url": "https://security.gentoo.org/glsa/201904-04", "reference_id": "GLSA-201904-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201904-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" }, { "reference_url": "https://usn.ubuntu.com/3837-2/", "reference_id": "USN-3837-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-19149" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcv-xd8k-8qbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82803?format=api", "vulnerability_id": "VCID-qpwe-7kfy-pyb8", "summary": "poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7310", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.5322", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53385", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53278", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.5333", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53291", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53317", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53236", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53289", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53283", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53333", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53339", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53344", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53324", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53296", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53308", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53271", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53228", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7310" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/717" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/" }, { "reference_url": "http://www.securityfocus.com/bid/106829", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106829" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672419", "reference_id": "1672419", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672419" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215", "reference_id": "921215", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215" }, { "reference_url": "https://security.archlinux.org/AVG-869", "reference_id": "AVG-869", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-869" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7310", "reference_id": "CVE-2019-7310", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3886-1/", "reference_id": "USN-3886-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3886-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-7310" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpwe-7kfy-pyb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83023?format=api", "vulnerability_id": "VCID-tt3h-qbbv-zuev", "summary": "poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35199", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3556", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35321", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35301", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35221", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35103", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35173", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35201", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35107", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3513", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35581", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3562", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35609", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41536", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41626", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41653", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.4158", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.4163", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41639", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41663", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41629", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646546", "reference_id": "1646546", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646546" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164", "reference_id": "913164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-18897" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt3h-qbbv-zuev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82764?format=api", "vulnerability_id": "VCID-tu6x-7fgv-1ffu", "summary": "poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.89978", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90109", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.9009", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90086", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90095", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.8998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.89993", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.89998", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90014", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90019", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90029", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90027", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90021", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90037", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90035", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90053", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90052", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90063", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90078", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/728" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/" }, { "reference_url": "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/" }, { "reference_url": "http://www.securityfocus.com/bid/107172", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107172" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683632", "reference_id": "1683632", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683632" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414", "reference_id": "923414", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9200", "reference_id": "CVE-2019-9200", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3905-1/", "reference_id": "USN-3905-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3905-1/" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2019-9200" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tu6x-7fgv-1ffu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83019?format=api", "vulnerability_id": "VCID-wbyn-9mx6-a3gd", "summary": "poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3222", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32392", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32295", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32296", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32258", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32261", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32241", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32212", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3205", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31923", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31842", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31695", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31769", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31777", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31682", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31706", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31775", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19059" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649440", "reference_id": "1649440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649440" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180", "reference_id": "913180", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-19059" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wbyn-9mx6-a3gd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83187?format=api", "vulnerability_id": "VCID-yyzk-7mqj-m7hq", "summary": "poppler: infinite recursion in Parser::getObj function in Parser.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16646", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71559", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71577", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.7155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.7159", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.716", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71608", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71552", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83994", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.84011", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.84045", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83862", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83895", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83921", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83929", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83933", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83956", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83978", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16646" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626618", "reference_id": "1626618", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626618" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802", "reference_id": "909802", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" }, { "reference_url": "https://usn.ubuntu.com/3837-2/", "reference_id": "USN-3837-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-2/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-16646" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yyzk-7mqj-m7hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83018?format=api", "vulnerability_id": "VCID-zzy2-1yr8-83cf", "summary": "poppler: reachable abort in Object.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51029", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51054", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51011", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51068", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51065", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51108", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51087", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51071", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5111", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51116", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51093", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51041", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51049", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51009", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50941", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50992", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51023", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50981", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51088", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649435", "reference_id": "1649435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649435" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177", "reference_id": "913177", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2018-19058" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zzy2-1yr8-83cf" } ], "fixing_vulnerabilities": [], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/evince@3.28.2-8%3Farch=el7" }