{"url":"http://public2.vulnerablecode.io/api/packages/1076610?format=json","purl":"pkg:deb/debian/exiv2@0.20-2","type":"deb","namespace":"debian","name":"exiv2","version":"0.20-2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.28.8+dfsg-1","latest_non_vulnerable_version":"0.28.8+dfsg-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/186569?format=json","vulnerability_id":"VCID-1d75-qn32-57ed","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3482.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3482.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3482","reference_id":"","reference_type":"","scores":[{"value":"0.00824","scoring_system":"epss","scoring_elements":"0.74885","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3482"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1946314","reference_id":"1946314","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1946314"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986888","reference_id":"986888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=986888"},{"reference_url":"https://security.archlinux.org/ASA-202106-54","reference_id":"ASA-202106-54","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-54"},{"reference_url":"https://security.archlinux.org/AVG-1772","reference_id":"AVG-1772","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://usn.ubuntu.com/4941-1/","reference_id":"USN-4941-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4941-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1078516?format=json","purl":"pkg:deb/debian/exiv2@0.25-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-4%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-3482"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1d75-qn32-57ed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8019?format=json","vulnerability_id":"VCID-1ty4-jsjm-kkf6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18899.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18899.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18899","reference_id":"","reference_type":"","scores":[{"value":"0.00108","scoring_system":"epss","scoring_elements":"0.28579","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18899"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2002672","reference_id":"2002672","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2002672"},{"reference_url":"https://security.gentoo.org/glsa/202312-06","reference_id":"202312-06","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T20:38:19Z/"}],"url":"https://security.gentoo.org/glsa/202312-06"},{"reference_url":"https://github.com/Exiv2/exiv2/issues/742","reference_id":"742","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T20:38:19Z/"}],"url":"https://github.com/Exiv2/exiv2/issues/742"},{"reference_url":"https://cwe.mitre.org/data/definitions/789.html","reference_id":"789.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T20:38:19Z/"}],"url":"https://cwe.mitre.org/data/definitions/789.html"},{"reference_url":"https://usn.ubuntu.com/8103-1/","reference_id":"USN-8103-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8103-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2020-18899","PYSEC-2021-879"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ty4-jsjm-kkf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4487?format=json","vulnerability_id":"VCID-35xu-ekxh-akfj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10999.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10999.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10999","reference_id":"","reference_type":"","scores":[{"value":"0.00438","scoring_system":"epss","scoring_elements":"0.63559","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579488","reference_id":"1579488","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579488"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"GLSA-201811-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076613?format=json","purl":"pkg:deb/debian/exiv2@0.25-3.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-35xu-ekxh-akfj"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-3q16-bsta-dycv"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8635-8kyr-nbed"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-getr-c6yj-v3fu"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-m36a-pxb4-pkaq"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-3.1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1078516?format=json","purl":"pkg:deb/debian/exiv2@0.25-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-4%252Bdeb10u2"}],"aliases":["CVE-2018-10999"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35xu-ekxh-akfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180287?format=json","vulnerability_id":"VCID-39rc-3nue-aken","summary":"Multiple vulnerabilities have been found in Exiv2, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9144.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9144","reference_id":"","reference_type":"","scores":[{"value":"0.00365","scoring_system":"epss","scoring_elements":"0.58912","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9144"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1564277","reference_id":"1564277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1564277"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"GLSA-201811-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2018-9144"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39rc-3nue-aken"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9371?format=json","vulnerability_id":"VCID-3c5p-xry8-9uhu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29470.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29470.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29470","reference_id":"","reference_type":"","scores":[{"value":"0.00178","scoring_system":"epss","scoring_elements":"0.39165","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29470"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953708","reference_id":"1953708","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1953708"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987450","reference_id":"987450","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987450"},{"reference_url":"https://security.archlinux.org/ASA-202106-54","reference_id":"ASA-202106-54","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-54"},{"reference_url":"https://security.archlinux.org/AVG-1772","reference_id":"AVG-1772","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://usn.ubuntu.com/4941-1/","reference_id":"USN-4941-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4941-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-29470"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3c5p-xry8-9uhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/174960?format=json","vulnerability_id":"VCID-3q16-bsta-dycv","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10998.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10998.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10998","reference_id":"","reference_type":"","scores":[{"value":"0.00915","scoring_system":"epss","scoring_elements":"0.76354","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579481","reference_id":"1579481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579481"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"GLSA-201811-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076613?format=json","purl":"pkg:deb/debian/exiv2@0.25-3.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-35xu-ekxh-akfj"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-3q16-bsta-dycv"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8635-8kyr-nbed"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-getr-c6yj-v3fu"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-m36a-pxb4-pkaq"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-3.1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1078516?format=json","purl":"pkg:deb/debian/exiv2@0.25-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-4%252Bdeb10u2"}],"aliases":["CVE-2018-10998"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3q16-bsta-dycv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9377?format=json","vulnerability_id":"VCID-47zn-pr51-33fc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29623.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29623","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54328","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29623"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1961650","reference_id":"1961650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1961650"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988481","reference_id":"988481","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988481"},{"reference_url":"https://security.archlinux.org/ASA-202106-54","reference_id":"ASA-202106-54","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-54"},{"reference_url":"https://security.archlinux.org/AVG-1772","reference_id":"AVG-1772","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://usn.ubuntu.com/4964-1/","reference_id":"USN-4964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-29623"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47zn-pr51-33fc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204917?format=json","vulnerability_id":"VCID-4j78-k7pn-kbhj","summary":"An Invalid memory address dereference was discovered in Exiv2::getULong in types.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14864.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14864.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14864","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29992","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14864"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500308","reference_id":"1500308","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500308"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2017-14864"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4j78-k7pn-kbhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4172?format=json","vulnerability_id":"VCID-4mj8-tqdn-u3bx","summary":"","references":[{"reference_url":"http://dev.exiv2.org/issues/1295","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"http://dev.exiv2.org/issues/1295"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9239.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9239.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9239","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38575","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9239"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9239","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9239"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/lolo-pop/poc/tree/master/Segmentation%20fault%20in%20convert-test%28exiv2%29","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://github.com/lolo-pop/poc/tree/master/Segmentation%20fault%20in%20convert-test%28exiv2%29"},{"reference_url":"https://usn.ubuntu.com/3852-1/","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://usn.ubuntu.com/3852-1/"},{"reference_url":"http://www.securityfocus.com/bid/98720","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"http://www.securityfocus.com/bid/98720"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1455859","reference_id":"1455859","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1455859"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863410","reference_id":"863410","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863410"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076613?format=json","purl":"pkg:deb/debian/exiv2@0.25-3.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-35xu-ekxh-akfj"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-3q16-bsta-dycv"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8635-8kyr-nbed"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-getr-c6yj-v3fu"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-m36a-pxb4-pkaq"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-3.1%252Bdeb9u2"}],"aliases":["CVE-2017-9239","PYSEC-2017-112"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4mj8-tqdn-u3bx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9880?format=json","vulnerability_id":"VCID-4qqy-pcus-6bbe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37615.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37615.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37615","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26913","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37615"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Exiv2/exiv2/pull/1758","reference_id":"1758","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T15:55:52Z/"}],"url":"https://github.com/Exiv2/exiv2/pull/1758"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992213","reference_id":"1992213","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992213"},{"reference_url":"https://security.gentoo.org/glsa/202312-06","reference_id":"202312-06","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T15:55:52Z/"}],"url":"https://security.gentoo.org/glsa/202312-06"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/","reference_id":"FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T15:55:52Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/"},{"reference_url":"https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w","reference_id":"GHSA-h9x9-4f77-336w","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T15:55:52Z/"}],"url":"https://github.com/Exiv2/exiv2/security/advisories/GHSA-h9x9-4f77-336w"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/","reference_id":"UYGDELIFFJWKUU7SO3QATCIXCZJERGAC","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T15:55:52Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-37615"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qqy-pcus-6bbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184517?format=json","vulnerability_id":"VCID-64x8-uq4b-wuea","summary":"A vulnerability in Exiv2 could lead to Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9449.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9449.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9449","reference_id":"","reference_type":"","scores":[{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79793","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9449","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9449"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1178908","reference_id":"1178908","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1178908"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773846","reference_id":"773846","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773846"},{"reference_url":"https://security.gentoo.org/glsa/201507-03","reference_id":"GLSA-201507-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-03"},{"reference_url":"https://usn.ubuntu.com/2454-1/","reference_id":"USN-2454-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2454-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076612?format=json","purl":"pkg:deb/debian/exiv2@0.24-4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-35xu-ekxh-akfj"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-3q16-bsta-dycv"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4mj8-tqdn-u3bx"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8635-8kyr-nbed"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-d7kx-7jjv-jqaq"},{"vulnerability":"VCID-getr-c6yj-v3fu"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-m36a-pxb4-pkaq"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"},{"vulnerability":"VCID-zph1-cxfg-d3dq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.24-4.1"}],"aliases":["CVE-2014-9449"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-64x8-uq4b-wuea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9367?format=json","vulnerability_id":"VCID-68kf-gdaf-tffy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29457.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29457.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29457","reference_id":"","reference_type":"","scores":[{"value":"0.01509","scoring_system":"epss","scoring_elements":"0.81592","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1952612","reference_id":"1952612","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1952612"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991705","reference_id":"991705","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991705"},{"reference_url":"https://security.archlinux.org/ASA-202106-54","reference_id":"ASA-202106-54","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-54"},{"reference_url":"https://security.archlinux.org/AVG-1772","reference_id":"AVG-1772","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://usn.ubuntu.com/4941-1/","reference_id":"USN-4941-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4941-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1078516?format=json","purl":"pkg:deb/debian/exiv2@0.25-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-4%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-29457"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68kf-gdaf-tffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9368?format=json","vulnerability_id":"VCID-6w88-jwjp-x3d2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29458.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29458.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29458","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26371","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29458"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1952607","reference_id":"1952607","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1952607"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987277","reference_id":"987277","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987277"},{"reference_url":"https://security.archlinux.org/ASA-202106-54","reference_id":"ASA-202106-54","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-54"},{"reference_url":"https://security.archlinux.org/AVG-1772","reference_id":"AVG-1772","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://usn.ubuntu.com/4941-1/","reference_id":"USN-4941-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4941-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-29458"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6w88-jwjp-x3d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9883?format=json","vulnerability_id":"VCID-6zs7-t9yq-rkdp","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37619.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37619.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37619","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22562","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37619"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992174","reference_id":"1992174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992174"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4319","reference_id":"RHSA-2021:4319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4319"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-37619"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6zs7-t9yq-rkdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4539?format=json","vulnerability_id":"VCID-8635-8kyr-nbed","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11531.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11531.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11531","reference_id":"","reference_type":"","scores":[{"value":"0.0144","scoring_system":"epss","scoring_elements":"0.81144","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1584860","reference_id":"1584860","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1584860"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"GLSA-201811-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076613?format=json","purl":"pkg:deb/debian/exiv2@0.25-3.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-35xu-ekxh-akfj"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-3q16-bsta-dycv"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8635-8kyr-nbed"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-getr-c6yj-v3fu"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-m36a-pxb4-pkaq"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-3.1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1078516?format=json","purl":"pkg:deb/debian/exiv2@0.25-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-4%252Bdeb10u2"}],"aliases":["CVE-2018-11531"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8635-8kyr-nbed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6227?format=json","vulnerability_id":"VCID-8h3f-yxfj-zyew","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13112.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13112.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13112","reference_id":"","reference_type":"","scores":[{"value":"0.01688","scoring_system":"epss","scoring_elements":"0.82631","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13112"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728490","reference_id":"1728490","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728490"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2019-13112"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8h3f-yxfj-zyew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5220?format=json","vulnerability_id":"VCID-8zr7-xh2m-jbf8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19535.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19535.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19535","reference_id":"","reference_type":"","scores":[{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60398","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19535"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656187","reference_id":"1656187","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1656187"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915135","reference_id":"915135","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2018-19535"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zr7-xh2m-jbf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9370?format=json","vulnerability_id":"VCID-94n6-xnby-4uhf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29464.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29464","reference_id":"","reference_type":"","scores":[{"value":"0.00155","scoring_system":"epss","scoring_elements":"0.3597","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29464"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29464","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29464"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1978105","reference_id":"1978105","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1978105"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988242","reference_id":"988242","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988242"},{"reference_url":"https://security.archlinux.org/ASA-202106-54","reference_id":"ASA-202106-54","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-54"},{"reference_url":"https://security.archlinux.org/AVG-1772","reference_id":"AVG-1772","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://usn.ubuntu.com/4964-1/","reference_id":"USN-4964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-29464"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-94n6-xnby-4uhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5182?format=json","vulnerability_id":"VCID-ahp4-zugk-a7d1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19107.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19107","reference_id":"","reference_type":"","scores":[{"value":"0.02159","scoring_system":"epss","scoring_elements":"0.84647","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19107"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649094","reference_id":"1649094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649094"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913273","reference_id":"913273","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913273"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2018-19107"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ahp4-zugk-a7d1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9471?format=json","vulnerability_id":"VCID-bv8h-uth6-67h3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31292.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-31292.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31292","reference_id":"","reference_type":"","scores":[{"value":"0.00551","scoring_system":"epss","scoring_elements":"0.68462","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-31292"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Exiv2/exiv2/issues/1530","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://github.com/Exiv2/exiv2/issues/1530"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://lists.debian.org/debian-lts-announce/2021/08/msg00028.html"},{"reference_url":"https://www.debian.org/security/2021/dsa-4958","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://www.debian.org/security/2021/dsa-4958"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1990330","reference_id":"1990330","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1990330"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991706","reference_id":"991706","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4319","reference_id":"RHSA-2021:4319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4319"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1078516?format=json","purl":"pkg:deb/debian/exiv2@0.25-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-4%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-31292","PYSEC-2021-877"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv8h-uth6-67h3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9882?format=json","vulnerability_id":"VCID-c6nk-dvp8-qbcv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37618.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37618","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22562","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37618"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992165","reference_id":"1992165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992165"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4319","reference_id":"RHSA-2021:4319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4319"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-37618"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c6nk-dvp8-qbcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8016?format=json","vulnerability_id":"VCID-ce1y-stu8-sqhm","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18831","reference_id":"","reference_type":"","scores":[{"value":"0.00911","scoring_system":"epss","scoring_elements":"0.76282","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18831"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Exiv2/exiv2/issues/828","reference_id":"828","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-04T16:32:06Z/"}],"url":"https://github.com/Exiv2/exiv2/issues/828"},{"reference_url":"https://www.exiv2.org/download.html","reference_id":"download.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-10-04T16:32:06Z/"}],"url":"https://www.exiv2.org/download.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2020-18831","PYSEC-2023-150"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ce1y-stu8-sqhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9885?format=json","vulnerability_id":"VCID-chsj-wegt-ffg5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37621.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37621.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37621","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24789","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37621"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992183","reference_id":"1992183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992183"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-37621"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chsj-wegt-ffg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9557?format=json","vulnerability_id":"VCID-cjdk-uxe8-c7e2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32815.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-32815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32815","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30022","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-32815"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32815","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32815"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Exiv2/exiv2/pull/1739","reference_id":"1739","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T20:00:12Z/"}],"url":"https://github.com/Exiv2/exiv2/pull/1739"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992198","reference_id":"1992198","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992198"},{"reference_url":"https://security.gentoo.org/glsa/202312-06","reference_id":"202312-06","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T20:00:12Z/"}],"url":"https://security.gentoo.org/glsa/202312-06"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992705","reference_id":"992705","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992705"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/","reference_id":"FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T20:00:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FMDT4PJB7P43WSOM3TRQIY3J33BAFVVE/"},{"reference_url":"https://github.com/Exiv2/exiv2/security/advisories/GHSA-mv9g-fxh2-m49m","reference_id":"GHSA-mv9g-fxh2-m49m","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T20:00:12Z/"}],"url":"https://github.com/Exiv2/exiv2/security/advisories/GHSA-mv9g-fxh2-m49m"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T20:00:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/","reference_id":"UYGDELIFFJWKUU7SO3QATCIXCZJERGAC","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T20:00:12Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UYGDELIFFJWKUU7SO3QATCIXCZJERGAC/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-32815"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cjdk-uxe8-c7e2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6335?format=json","vulnerability_id":"VCID-d6jg-ha4e-57fs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14370.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14370.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14370","reference_id":"","reference_type":"","scores":[{"value":"0.00542","scoring_system":"epss","scoring_elements":"0.68156","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14370"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14370","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14370"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1747227","reference_id":"1747227","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1747227"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2019-14370"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d6jg-ha4e-57fs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4483?format=json","vulnerability_id":"VCID-d7kx-7jjv-jqaq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10958.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10958.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10958","reference_id":"","reference_type":"","scores":[{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82239","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578659","reference_id":"1578659","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1578659"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"GLSA-201811-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076613?format=json","purl":"pkg:deb/debian/exiv2@0.25-3.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-35xu-ekxh-akfj"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-3q16-bsta-dycv"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8635-8kyr-nbed"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-getr-c6yj-v3fu"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-m36a-pxb4-pkaq"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-3.1%252Bdeb9u2"}],"aliases":["CVE-2018-10958"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d7kx-7jjv-jqaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4607?format=json","vulnerability_id":"VCID-getr-c6yj-v3fu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12264.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12264.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12264","reference_id":"","reference_type":"","scores":[{"value":"0.00734","scoring_system":"epss","scoring_elements":"0.73218","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590993","reference_id":"1590993","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590993"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901707","reference_id":"901707","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901707"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"GLSA-201811-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076613?format=json","purl":"pkg:deb/debian/exiv2@0.25-3.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-35xu-ekxh-akfj"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-3q16-bsta-dycv"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8635-8kyr-nbed"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-getr-c6yj-v3fu"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-m36a-pxb4-pkaq"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-3.1%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1078516?format=json","purl":"pkg:deb/debian/exiv2@0.25-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-4%252Bdeb10u2"}],"aliases":["CVE-2018-12264"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-getr-c6yj-v3fu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152889?format=json","vulnerability_id":"VCID-gvke-8v8n-6kft","summary":"Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18771.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18771.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18771","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44931","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18771"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18771","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18771"},{"reference_url":"https://cwe.mitre.org/data/definitions/126.html","reference_id":"126.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T19:32:41Z/"}],"url":"https://cwe.mitre.org/data/definitions/126.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1997745","reference_id":"1997745","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1997745"},{"reference_url":"https://security.gentoo.org/glsa/202312-06","reference_id":"202312-06","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T19:32:41Z/"}],"url":"https://security.gentoo.org/glsa/202312-06"},{"reference_url":"https://github.com/Exiv2/exiv2/issues/756","reference_id":"756","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T19:32:41Z/"}],"url":"https://github.com/Exiv2/exiv2/issues/756"},{"reference_url":"https://security.archlinux.org/AVG-614","reference_id":"AVG-614","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-614"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-03T19:32:41Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html"},{"reference_url":"https://usn.ubuntu.com/8103-1/","reference_id":"USN-8103-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8103-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2020-18771"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gvke-8v8n-6kft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180286?format=json","vulnerability_id":"VCID-hnj9-8bur-afff","summary":"Multiple vulnerabilities have been found in Exiv2, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11037.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11037.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11037","reference_id":"","reference_type":"","scores":[{"value":"0.00484","scoring_system":"epss","scoring_elements":"0.65727","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11037"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11037","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11037"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579544","reference_id":"1579544","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579544"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"GLSA-201811-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2018-11037"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hnj9-8bur-afff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3254?format=json","vulnerability_id":"VCID-j2w7-8q5w-7qdf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18005.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18005.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18005","reference_id":"","reference_type":"","scores":[{"value":"0.00359","scoring_system":"epss","scoring_elements":"0.58507","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18005"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18005","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18005"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1531171","reference_id":"1531171","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1531171"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885981","reference_id":"885981","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885981"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2017-18005"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2w7-8q5w-7qdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9648?format=json","vulnerability_id":"VCID-jag8-uxd1-akgz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34335.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34335.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-34335","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22663","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-34335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34335"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992210","reference_id":"1992210","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992210"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992707","reference_id":"992707","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992707"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-34335"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jag8-uxd1-akgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9647?format=json","vulnerability_id":"VCID-jgf6-8xwu-guea","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34334.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-34334.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-34334","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29371","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-34334"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34334","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34334"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992202","reference_id":"1992202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992202"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992706","reference_id":"992706","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992706"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-34334"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jgf6-8xwu-guea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7321?format=json","vulnerability_id":"VCID-keqc-pyf7-1yex","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9143.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9143.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9143","reference_id":"","reference_type":"","scores":[{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.64087","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9143"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1684381","reference_id":"1684381","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1684381"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923472","reference_id":"923472","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2019-9143"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-keqc-pyf7-1yex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9372?format=json","vulnerability_id":"VCID-m36a-pxb4-pkaq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29473.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29473.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29473","reference_id":"","reference_type":"","scores":[{"value":"0.00144","scoring_system":"epss","scoring_elements":"0.34436","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954065","reference_id":"1954065","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1954065"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987736","reference_id":"987736","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987736"},{"reference_url":"https://security.archlinux.org/ASA-202106-54","reference_id":"ASA-202106-54","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-54"},{"reference_url":"https://security.archlinux.org/AVG-1772","reference_id":"AVG-1772","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1772"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://usn.ubuntu.com/4964-1/","reference_id":"USN-4964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1078516?format=json","purl":"pkg:deb/debian/exiv2@0.25-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-4%252Bdeb10u2"}],"aliases":["CVE-2021-29473"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m36a-pxb4-pkaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9369?format=json","vulnerability_id":"VCID-nu81-wxs3-bfar","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29463.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-29463.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29463","reference_id":"","reference_type":"","scores":[{"value":"0.00099","scoring_system":"epss","scoring_elements":"0.27119","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-29463"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29463","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29463"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1978100","reference_id":"1978100","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1978100"},{"reference_url":"https://security.gentoo.org/glsa/202312-06","reference_id":"202312-06","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:39Z/"}],"url":"https://security.gentoo.org/glsa/202312-06"},{"reference_url":"https://github.com/Exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b","reference_id":"783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:39Z/"}],"url":"https://github.com/Exiv2/exiv2/commit/783b3a6ff15ed6f82a8f8e6c8a6f3b84a9b04d4b"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988241","reference_id":"988241","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988241"},{"reference_url":"https://security.archlinux.org/ASA-202106-54","reference_id":"ASA-202106-54","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-54"},{"reference_url":"https://security.archlinux.org/AVG-1772","reference_id":"AVG-1772","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1772"},{"reference_url":"https://github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr","reference_id":"GHSA-5p8g-9xf3-gfrr","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:39Z/"}],"url":"https://github.com/Exiv2/exiv2/security/advisories/GHSA-5p8g-9xf3-gfrr"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3HKXR6JOVKMBE4HY4FDXNVZGNCQG6T3/","reference_id":"K3HKXR6JOVKMBE4HY4FDXNVZGNCQG6T3","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3HKXR6JOVKMBE4HY4FDXNVZGNCQG6T3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDMZTVQAZSMLPTDVDYLBHAAF7I5QXVYQ/","reference_id":"NDMZTVQAZSMLPTDVDYLBHAAF7I5QXVYQ","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-15T17:09:39Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDMZTVQAZSMLPTDVDYLBHAAF7I5QXVYQ/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4173","reference_id":"RHSA-2021:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4173"},{"reference_url":"https://usn.ubuntu.com/4964-1/","reference_id":"USN-4964-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4964-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-29463"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nu81-wxs3-bfar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7322?format=json","vulnerability_id":"VCID-nvvj-n5gs-hke5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9144.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9144","reference_id":"","reference_type":"","scores":[{"value":"0.01018","scoring_system":"epss","scoring_elements":"0.77622","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9144"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1683201","reference_id":"1683201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1683201"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923473","reference_id":"923473","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923473"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2019-9144"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nvvj-n5gs-hke5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5070?format=json","vulnerability_id":"VCID-pk71-e7ww-hydc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17581.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17581.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17581","reference_id":"","reference_type":"","scores":[{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48821","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17581"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1635045","reference_id":"1635045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1635045"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910060","reference_id":"910060","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2018-17581"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pk71-e7ww-hydc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5183?format=json","vulnerability_id":"VCID-prwe-w873-akbw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19108.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19108.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19108","reference_id":"","reference_type":"","scores":[{"value":"0.02159","scoring_system":"epss","scoring_elements":"0.84647","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19108"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19108","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19108"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649101","reference_id":"1649101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649101"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913272","reference_id":"913272","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913272"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2018-19108"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-prwe-w873-akbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5849?format=json","vulnerability_id":"VCID-qqx3-ntwu-kuab","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8976.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8976.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8976","reference_id":"","reference_type":"","scores":[{"value":"0.00608","scoring_system":"epss","scoring_elements":"0.70184","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8976"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561213","reference_id":"1561213","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561213"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903813","reference_id":"903813","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903813"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"GLSA-201811-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2018-8976"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qqx3-ntwu-kuab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2513?format=json","vulnerability_id":"VCID-ra9p-f3e4-n7e8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11591.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11591.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11591","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55967","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11591"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11591","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11591"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475729","reference_id":"1475729","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475729"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876893","reference_id":"876893","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876893"},{"reference_url":"https://security.archlinux.org/AVG-360","reference_id":"AVG-360","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-360"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2017-11591"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ra9p-f3e4-n7e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6835?format=json","vulnerability_id":"VCID-sbjt-wdz4-u7g1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20421.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20421.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20421","reference_id":"","reference_type":"","scores":[{"value":"0.03067","scoring_system":"epss","scoring_elements":"0.87031","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20421"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20421"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29457"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31292"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3482"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800472","reference_id":"1800472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1800472"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950183","reference_id":"950183","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=950183"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1078516?format=json","purl":"pkg:deb/debian/exiv2@0.25-4%2Bdeb10u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-4%252Bdeb10u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2019-20421"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sbjt-wdz4-u7g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9886?format=json","vulnerability_id":"VCID-smkm-htz2-d3d4","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37622.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37622","reference_id":"","reference_type":"","scores":[{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29371","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37622"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992186","reference_id":"1992186","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992186"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-37622"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-smkm-htz2-d3d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5287?format=json","vulnerability_id":"VCID-swhv-gywc-ukeh","summary":"","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2101","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/errata/RHSA-2019:2101"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20097.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20097.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20097","reference_id":"","reference_type":"","scores":[{"value":"0.02356","scoring_system":"epss","scoring_elements":"0.85261","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20097"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Exiv2/exiv2/issues/590","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://github.com/Exiv2/exiv2/issues/590"},{"reference_url":"https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://github.com/TeamSeri0us/pocs/tree/master/exiv2/20181206"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://lists.debian.org/debian-lts-announce/2019/02/msg00038.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA/","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZXCEKTYF7HLM6VH2WCWO2HXTJH37MBLA/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660424","reference_id":"1660424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1660424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2018-20097","PYSEC-2018-118"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swhv-gywc-ukeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204915?format=json","vulnerability_id":"VCID-sx97-dv1t-9fg6","summary":"An Invalid memory address dereference was discovered in Exiv2::StringValueBase::read in value.cpp in Exiv2 0.26. The vulnerability causes a segmentation fault and application crash, which leads to denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14859.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14859.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14859","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29992","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14859"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500315","reference_id":"1500315","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500315"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2017-14859"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sx97-dv1t-9fg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8041?format=json","vulnerability_id":"VCID-u5we-q5fs-wfcz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19716.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19716.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-19716","reference_id":"","reference_type":"","scores":[{"value":"0.00838","scoring_system":"epss","scoring_elements":"0.75131","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-19716"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19716","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19716"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1988980","reference_id":"1988980","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1988980"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2020-19716"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u5we-q5fs-wfcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6224?format=json","vulnerability_id":"VCID-vd16-a6u1-wkcz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13109.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13109.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13109","reference_id":"","reference_type":"","scores":[{"value":"0.00398","scoring_system":"epss","scoring_elements":"0.61044","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13109"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728484","reference_id":"1728484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2019-13109"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vd16-a6u1-wkcz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9881?format=json","vulnerability_id":"VCID-vef1-7kvx-k7c2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37616.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37616","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22663","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37616"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992206","reference_id":"1992206","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992206"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-37616"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vef1-7kvx-k7c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6229?format=json","vulnerability_id":"VCID-wzdq-9rvy-qqbz","summary":"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13114.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13114.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13114","reference_id":"","reference_type":"","scores":[{"value":"0.02568","scoring_system":"epss","scoring_elements":"0.85862","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13114"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Exiv2/exiv2/issues/793","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://github.com/Exiv2/exiv2/issues/793"},{"reference_url":"https://github.com/Exiv2/exiv2/pull/815","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://github.com/Exiv2/exiv2/pull/815"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/"},{"reference_url":"https://support.f5.com/csp/article/K45429077?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://support.f5.com/csp/article/K45429077?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://usn.ubuntu.com/4056-1/","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://usn.ubuntu.com/4056-1/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728494","reference_id":"1728494","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2019-13114","PYSEC-2019-257"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzdq-9rvy-qqbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6223?format=json","vulnerability_id":"VCID-xyq1-4jrk-bqbh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13108.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13108.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13108","reference_id":"","reference_type":"","scores":[{"value":"0.00269","scoring_system":"epss","scoring_elements":"0.50643","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13108"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13108","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13108"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728481","reference_id":"1728481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728481"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2019-13108"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xyq1-4jrk-bqbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9887?format=json","vulnerability_id":"VCID-y177-71z5-kfgb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37623.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-37623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37623","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25958","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-37623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37623"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992190","reference_id":"1992190","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1992190"},{"reference_url":"https://security.archlinux.org/AVG-2265","reference_id":"AVG-2265","reference_type":"","scores":[{"value":"Low","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2265"},{"reference_url":"https://usn.ubuntu.com/5043-1/","reference_id":"USN-5043-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5043-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2021-37623"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y177-71z5-kfgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6590?format=json","vulnerability_id":"VCID-ydz7-8sjg-1qbe","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17402.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17402.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17402","reference_id":"","reference_type":"","scores":[{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49672","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17402"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1773683","reference_id":"1773683","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1773683"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946341","reference_id":"946341","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=946341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4030","reference_id":"RHSA-2020:4030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1758","reference_id":"RHSA-2021:1758","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1758"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2019-17402"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ydz7-8sjg-1qbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2532?format=json","vulnerability_id":"VCID-ytv2-kgm3-8yee","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11683.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11683.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11683","reference_id":"","reference_type":"","scores":[{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65536","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11683"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475754","reference_id":"1475754","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475754"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1075427?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-56vr-1frc-xygp"},{"vulnerability":"VCID-5sk9-se24-67ea"},{"vulnerability":"VCID-5umw-j5nj-sfdu"},{"vulnerability":"VCID-9fxy-b4ek-gqer"},{"vulnerability":"VCID-mmqh-2zce-puap"},{"vulnerability":"VCID-q4b1-a3ap-bufc"},{"vulnerability":"VCID-qpvc-vdfx-bkb4"},{"vulnerability":"VCID-r76r-aycq-q3f5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"}],"aliases":["CVE-2017-11683"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ytv2-kgm3-8yee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4608?format=json","vulnerability_id":"VCID-zph1-cxfg-d3dq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12265.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12265.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12265","reference_id":"","reference_type":"","scores":[{"value":"0.00734","scoring_system":"epss","scoring_elements":"0.73218","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12265"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10958"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12264"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12265"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590994","reference_id":"1590994","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590994"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901706","reference_id":"901706","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901706"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"GLSA-201811-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-14"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1076613?format=json","purl":"pkg:deb/debian/exiv2@0.25-3.1%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1d75-qn32-57ed"},{"vulnerability":"VCID-1ty4-jsjm-kkf6"},{"vulnerability":"VCID-35xu-ekxh-akfj"},{"vulnerability":"VCID-39rc-3nue-aken"},{"vulnerability":"VCID-3c5p-xry8-9uhu"},{"vulnerability":"VCID-3q16-bsta-dycv"},{"vulnerability":"VCID-47zn-pr51-33fc"},{"vulnerability":"VCID-4j78-k7pn-kbhj"},{"vulnerability":"VCID-4qqy-pcus-6bbe"},{"vulnerability":"VCID-68kf-gdaf-tffy"},{"vulnerability":"VCID-6w88-jwjp-x3d2"},{"vulnerability":"VCID-6zs7-t9yq-rkdp"},{"vulnerability":"VCID-8635-8kyr-nbed"},{"vulnerability":"VCID-8h3f-yxfj-zyew"},{"vulnerability":"VCID-8zr7-xh2m-jbf8"},{"vulnerability":"VCID-94n6-xnby-4uhf"},{"vulnerability":"VCID-ahp4-zugk-a7d1"},{"vulnerability":"VCID-bv8h-uth6-67h3"},{"vulnerability":"VCID-c6nk-dvp8-qbcv"},{"vulnerability":"VCID-ce1y-stu8-sqhm"},{"vulnerability":"VCID-chsj-wegt-ffg5"},{"vulnerability":"VCID-cjdk-uxe8-c7e2"},{"vulnerability":"VCID-d6jg-ha4e-57fs"},{"vulnerability":"VCID-getr-c6yj-v3fu"},{"vulnerability":"VCID-gvke-8v8n-6kft"},{"vulnerability":"VCID-hnj9-8bur-afff"},{"vulnerability":"VCID-j2w7-8q5w-7qdf"},{"vulnerability":"VCID-jag8-uxd1-akgz"},{"vulnerability":"VCID-jgf6-8xwu-guea"},{"vulnerability":"VCID-keqc-pyf7-1yex"},{"vulnerability":"VCID-m36a-pxb4-pkaq"},{"vulnerability":"VCID-nu81-wxs3-bfar"},{"vulnerability":"VCID-nvvj-n5gs-hke5"},{"vulnerability":"VCID-pk71-e7ww-hydc"},{"vulnerability":"VCID-prwe-w873-akbw"},{"vulnerability":"VCID-qqx3-ntwu-kuab"},{"vulnerability":"VCID-ra9p-f3e4-n7e8"},{"vulnerability":"VCID-sbjt-wdz4-u7g1"},{"vulnerability":"VCID-smkm-htz2-d3d4"},{"vulnerability":"VCID-swhv-gywc-ukeh"},{"vulnerability":"VCID-sx97-dv1t-9fg6"},{"vulnerability":"VCID-u5we-q5fs-wfcz"},{"vulnerability":"VCID-vd16-a6u1-wkcz"},{"vulnerability":"VCID-vef1-7kvx-k7c2"},{"vulnerability":"VCID-wzdq-9rvy-qqbz"},{"vulnerability":"VCID-xyq1-4jrk-bqbh"},{"vulnerability":"VCID-y177-71z5-kfgb"},{"vulnerability":"VCID-ydz7-8sjg-1qbe"},{"vulnerability":"VCID-ytv2-kgm3-8yee"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.25-3.1%252Bdeb9u2"}],"aliases":["CVE-2018-12265"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zph1-cxfg-d3dq"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.20-2"}