{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","type":"deb","namespace":"debian","name":"xpdf","version":"3.01-9","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"3.03-10","latest_non_vulnerable_version":"3.03-10","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175952?format=json","vulnerability_id":"VCID-3gx3-mpgs-8fbz","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3608","reference_id":"","reference_type":"","scores":[{"value":"0.12664","scoring_system":"epss","scoring_elements":"0.94136","published_at":"2026-06-11T12:55:00Z"},{"value":"0.12664","scoring_system":"epss","scoring_elements":"0.94157","published_at":"2026-06-12T12:55:00Z"},{"value":"0.12664","scoring_system":"epss","scoring_elements":"0.94162","published_at":"2026-06-13T12:55:00Z"},{"value":"0.12664","scoring_system":"epss","scoring_elements":"0.94163","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526637","reference_id":"526637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526637"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1504","reference_id":"RHSA-2009:1504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1513","reference_id":"RHSA-2009:1513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2009-3608"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gx3-mpgs-8fbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175956?format=json","vulnerability_id":"VCID-73w4-4dz1-sqbh","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3703.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3703.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3703","reference_id":"","reference_type":"","scores":[{"value":"0.01121","scoring_system":"epss","scoring_elements":"0.78656","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01121","scoring_system":"epss","scoring_elements":"0.78722","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01121","scoring_system":"epss","scoring_elements":"0.78739","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01121","scoring_system":"epss","scoring_elements":"0.78735","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3703"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165","reference_id":"599165","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=639356","reference_id":"639356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=639356"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0859","reference_id":"RHSA-2010:0859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0859"},{"reference_url":"https://usn.ubuntu.com/1005-1/","reference_id":"USN-1005-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1005-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2010-3703"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-73w4-4dz1-sqbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175935?format=json","vulnerability_id":"VCID-7zah-epwv-r3ch","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0165","reference_id":"","reference_type":"","scores":[{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.83001","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.83063","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.83071","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.83067","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-0165"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7zah-epwv-r3ch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185545?format=json","vulnerability_id":"VCID-8qpz-9suz-nkas","summary":"Poppler and various KDE components are vulnerable to multiple memory\n    management issues possibly resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5392.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5392","reference_id":"","reference_type":"","scores":[{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91299","published_at":"2026-06-11T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91329","published_at":"2026-06-12T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91337","published_at":"2026-06-13T12:55:00Z"},{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91334","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=345111","reference_id":"345111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=345111"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628","reference_id":"450628","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629","reference_id":"450629","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629"},{"reference_url":"https://security.gentoo.org/glsa/200711-22","reference_id":"GLSA-200711-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1021","reference_id":"RHSA-2007:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1022","reference_id":"RHSA-2007:1022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1024","reference_id":"RHSA-2007:1024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1025","reference_id":"RHSA-2007:1025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1026","reference_id":"RHSA-2007:1026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1027","reference_id":"RHSA-2007:1027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1029","reference_id":"RHSA-2007:1029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1030","reference_id":"RHSA-2007:1030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1030"},{"reference_url":"https://usn.ubuntu.com/542-1/","reference_id":"USN-542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-1/"},{"reference_url":"https://usn.ubuntu.com/542-2/","reference_id":"USN-542-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2007-5392"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qpz-9suz-nkas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175941?format=json","vulnerability_id":"VCID-9hqc-4htt-d3fq","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1180.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1180","reference_id":"","reference_type":"","scores":[{"value":"0.08831","scoring_system":"epss","scoring_elements":"0.92719","published_at":"2026-06-11T12:55:00Z"},{"value":"0.08831","scoring_system":"epss","scoring_elements":"0.92744","published_at":"2026-06-12T12:55:00Z"},{"value":"0.09619","scoring_system":"epss","scoring_elements":"0.93084","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495892","reference_id":"495892","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495892"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-1180"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hqc-4htt-d3fq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175936?format=json","vulnerability_id":"VCID-bvyn-44jg-4yhf","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0166.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0166","reference_id":"","reference_type":"","scores":[{"value":"0.10043","scoring_system":"epss","scoring_elements":"0.93235","published_at":"2026-06-11T12:55:00Z"},{"value":"0.10043","scoring_system":"epss","scoring_elements":"0.93257","published_at":"2026-06-12T12:55:00Z"},{"value":"0.10043","scoring_system":"epss","scoring_elements":"0.93259","published_at":"2026-06-13T12:55:00Z"},{"value":"0.10043","scoring_system":"epss","scoring_elements":"0.9326","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0166"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=490625","reference_id":"490625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=490625"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/200904-20","reference_id":"GLSA-200904-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200904-20"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-0166"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvyn-44jg-4yhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177648?format=json","vulnerability_id":"VCID-ct52-g5wx-97ht","summary":"Multiple vulnerabilities have been discovered in T1Lib, the worst\n    of which could lead to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1552.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1552.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1552","reference_id":"","reference_type":"","scores":[{"value":"0.15628","scoring_system":"epss","scoring_elements":"0.94853","published_at":"2026-06-11T12:55:00Z"},{"value":"0.15628","scoring_system":"epss","scoring_elements":"0.9487","published_at":"2026-06-12T12:55:00Z"},{"value":"0.15628","scoring_system":"epss","scoring_elements":"0.94876","published_at":"2026-06-13T12:55:00Z"},{"value":"0.15628","scoring_system":"epss","scoring_elements":"0.94879","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1552"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=692853","reference_id":"692853","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=692853"},{"reference_url":"https://security.gentoo.org/glsa/201701-57","reference_id":"GLSA-201701-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-57"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0062","reference_id":"RHSA-2012:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0137","reference_id":"RHSA-2012:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1335-1/","reference_id":"USN-1335-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1335-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2011-1552"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ct52-g5wx-97ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175953?format=json","vulnerability_id":"VCID-e9tv-pg4d-tydb","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3609","reference_id":"","reference_type":"","scores":[{"value":"0.0506","scoring_system":"epss","scoring_elements":"0.90037","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0506","scoring_system":"epss","scoring_elements":"0.90035","published_at":"2026-06-14T12:55:00Z"},{"value":"0.05999","scoring_system":"epss","scoring_elements":"0.90888","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05999","scoring_system":"epss","scoring_elements":"0.90917","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3609"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526893","reference_id":"526893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526893"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1500","reference_id":"RHSA-2009:1500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1504","reference_id":"RHSA-2009:1504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1513","reference_id":"RHSA-2009:1513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0401","reference_id":"RHSA-2010:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0755","reference_id":"RHSA-2010:0755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0755"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2009-3609"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9tv-pg4d-tydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175946?format=json","vulnerability_id":"VCID-eb51-kw8e-n7gm","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1188","reference_id":"","reference_type":"","scores":[{"value":"0.21975","scoring_system":"epss","scoring_elements":"0.95898","published_at":"2026-06-11T12:55:00Z"},{"value":"0.21975","scoring_system":"epss","scoring_elements":"0.95911","published_at":"2026-06-12T12:55:00Z"},{"value":"0.21975","scoring_system":"epss","scoring_elements":"0.95912","published_at":"2026-06-13T12:55:00Z"},{"value":"0.21975","scoring_system":"epss","scoring_elements":"0.95915","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1188"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495907","reference_id":"495907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495907"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779","reference_id":"575779","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2009-1188"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eb51-kw8e-n7gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200554?format=json","vulnerability_id":"VCID-g84a-z8t1-8ud2","summary":"The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0104.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0104.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0104","reference_id":"","reference_type":"","scores":[{"value":"0.16563","scoring_system":"epss","scoring_elements":"0.95064","published_at":"2026-06-11T12:55:00Z"},{"value":"0.16563","scoring_system":"epss","scoring_elements":"0.9508","published_at":"2026-06-12T12:55:00Z"},{"value":"0.16563","scoring_system":"epss","scoring_elements":"0.95081","published_at":"2026-06-13T12:55:00Z"},{"value":"0.16563","scoring_system":"epss","scoring_elements":"0.95083","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0104"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406852","reference_id":"406852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406852"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=428126","reference_id":"428126","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=428126"},{"reference_url":"https://usn.ubuntu.com/410-1/","reference_id":"USN-410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/410-1/"},{"reference_url":"https://usn.ubuntu.com/410-2/","reference_id":"USN-410-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/410-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2007-0104"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g84a-z8t1-8ud2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175943?format=json","vulnerability_id":"VCID-jvje-ybwm-2fge","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1182.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1182.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1182","reference_id":"","reference_type":"","scores":[{"value":"0.07101","scoring_system":"epss","scoring_elements":"0.91724","published_at":"2026-06-11T12:55:00Z"},{"value":"0.07101","scoring_system":"epss","scoring_elements":"0.91752","published_at":"2026-06-12T12:55:00Z"},{"value":"0.07752","scoring_system":"epss","scoring_elements":"0.92163","published_at":"2026-06-13T12:55:00Z"},{"value":"0.07752","scoring_system":"epss","scoring_elements":"0.92161","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495896","reference_id":"495896","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495896"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-1182"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvje-ybwm-2fge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177044?format=json","vulnerability_id":"VCID-maks-dh3b-s3ar","summary":"PDFKit and ImageKits are vulnerable to an integer overflow and a stack\n    overflow allowing for the user-assisted execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3387.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3387","reference_id":"","reference_type":"","scores":[{"value":"0.25208","scoring_system":"epss","scoring_elements":"0.96315","published_at":"2026-06-11T12:55:00Z"},{"value":"0.25208","scoring_system":"epss","scoring_elements":"0.96326","published_at":"2026-06-12T12:55:00Z"},{"value":"0.25208","scoring_system":"epss","scoring_elements":"0.96328","published_at":"2026-06-13T12:55:00Z"},{"value":"0.25208","scoring_system":"epss","scoring_elements":"0.96331","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=248194","reference_id":"248194","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=248194"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435460","reference_id":"435460","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435460"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435462","reference_id":"435462","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435462"},{"reference_url":"https://security.gentoo.org/glsa/200709-12","reference_id":"GLSA-200709-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-12"},{"reference_url":"https://security.gentoo.org/glsa/200709-17","reference_id":"GLSA-200709-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-17"},{"reference_url":"https://security.gentoo.org/glsa/200710-08","reference_id":"GLSA-200710-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200710-08"},{"reference_url":"https://security.gentoo.org/glsa/200710-20","reference_id":"GLSA-200710-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200710-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0720","reference_id":"RHSA-2007:0720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0729","reference_id":"RHSA-2007:0729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0730","reference_id":"RHSA-2007:0730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0731","reference_id":"RHSA-2007:0731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0732","reference_id":"RHSA-2007:0732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0732"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0735","reference_id":"RHSA-2007:0735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0735"},{"reference_url":"https://usn.ubuntu.com/496-1/","reference_id":"USN-496-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/496-1/"},{"reference_url":"https://usn.ubuntu.com/496-2/","reference_id":"USN-496-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/496-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2007-3387"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-maks-dh3b-s3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175938?format=json","vulnerability_id":"VCID-n6qs-bdsw-xbfy","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0799.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0799.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0799","reference_id":"","reference_type":"","scores":[{"value":"0.00968","scoring_system":"epss","scoring_elements":"0.77024","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00968","scoring_system":"epss","scoring_elements":"0.77095","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00968","scoring_system":"epss","scoring_elements":"0.77108","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00968","scoring_system":"epss","scoring_elements":"0.77102","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495886","reference_id":"495886","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495886"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-0799"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6qs-bdsw-xbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180393?format=json","vulnerability_id":"VCID-nyvf-mkqj-suhv","summary":"Poppler does not handle fonts inside PDF files safely, allowing for\n    execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1693","reference_id":"","reference_type":"","scores":[{"value":"0.07598","scoring_system":"epss","scoring_elements":"0.92044","published_at":"2026-06-11T12:55:00Z"},{"value":"0.07598","scoring_system":"epss","scoring_elements":"0.92071","published_at":"2026-06-12T12:55:00Z"},{"value":"0.07598","scoring_system":"epss","scoring_elements":"0.92077","published_at":"2026-06-13T12:55:00Z"},{"value":"0.07598","scoring_system":"epss","scoring_elements":"0.92074","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=441722","reference_id":"441722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=441722"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842","reference_id":"476842","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842"},{"reference_url":"https://security.gentoo.org/glsa/200804-18","reference_id":"GLSA-200804-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0238","reference_id":"RHSA-2008:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0239","reference_id":"RHSA-2008:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0240","reference_id":"RHSA-2008:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0262","reference_id":"RHSA-2008:0262","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0262"},{"reference_url":"https://usn.ubuntu.com/603-1/","reference_id":"USN-603-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/603-1/"},{"reference_url":"https://usn.ubuntu.com/603-2/","reference_id":"USN-603-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/603-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2008-1693"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyvf-mkqj-suhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175939?format=json","vulnerability_id":"VCID-pyx9-cgtr-4fhr","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0800.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0800","reference_id":"","reference_type":"","scores":[{"value":"0.08985","scoring_system":"epss","scoring_elements":"0.92793","published_at":"2026-06-11T12:55:00Z"},{"value":"0.08985","scoring_system":"epss","scoring_elements":"0.92817","published_at":"2026-06-12T12:55:00Z"},{"value":"0.09785","scoring_system":"epss","scoring_elements":"0.93156","published_at":"2026-06-13T12:55:00Z"},{"value":"0.09785","scoring_system":"epss","scoring_elements":"0.93155","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495887","reference_id":"495887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495887"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-0800"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pyx9-cgtr-4fhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175934?format=json","vulnerability_id":"VCID-q4wu-g376-7ffd","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0147.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0147.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0147","reference_id":"","reference_type":"","scores":[{"value":"0.05325","scoring_system":"epss","scoring_elements":"0.90261","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05325","scoring_system":"epss","scoring_elements":"0.90291","published_at":"2026-06-12T12:55:00Z"},{"value":"0.05325","scoring_system":"epss","scoring_elements":"0.903","published_at":"2026-06-13T12:55:00Z"},{"value":"0.05325","scoring_system":"epss","scoring_elements":"0.90298","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=490614","reference_id":"490614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=490614"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/200904-20","reference_id":"GLSA-200904-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200904-20"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-0147"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4wu-g376-7ffd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175940?format=json","vulnerability_id":"VCID-qmrs-szxk-yqda","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1179.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1179.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1179","reference_id":"","reference_type":"","scores":[{"value":"0.27841","scoring_system":"epss","scoring_elements":"0.96572","published_at":"2026-06-11T12:55:00Z"},{"value":"0.27841","scoring_system":"epss","scoring_elements":"0.96583","published_at":"2026-06-12T12:55:00Z"},{"value":"0.33789","scoring_system":"epss","scoring_elements":"0.97074","published_at":"2026-06-13T12:55:00Z"},{"value":"0.33789","scoring_system":"epss","scoring_elements":"0.97073","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495889","reference_id":"495889","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495889"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-1179"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmrs-szxk-yqda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175957?format=json","vulnerability_id":"VCID-spcn-1gwj-j7e7","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3704.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3704","reference_id":"","reference_type":"","scores":[{"value":"0.01202","scoring_system":"epss","scoring_elements":"0.79411","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01202","scoring_system":"epss","scoring_elements":"0.79407","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01262","scoring_system":"epss","scoring_elements":"0.79844","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01262","scoring_system":"epss","scoring_elements":"0.79908","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165","reference_id":"599165","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=638960","reference_id":"638960","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=638960"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://security.gentoo.org/glsa/201402-17","reference_id":"GLSA-201402-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0749","reference_id":"RHSA-2010:0749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0751","reference_id":"RHSA-2010:0751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0752","reference_id":"RHSA-2010:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0753","reference_id":"RHSA-2010:0753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0859","reference_id":"RHSA-2010:0859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1005-1/","reference_id":"USN-1005-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1005-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2010-3704"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-spcn-1gwj-j7e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175958?format=json","vulnerability_id":"VCID-spsd-65hy-f3b1","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4653","reference_id":"","reference_type":"","scores":[{"value":"0.00782","scoring_system":"epss","scoring_elements":"0.74171","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00782","scoring_system":"epss","scoring_elements":"0.74246","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00782","scoring_system":"epss","scoring_elements":"0.74258","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00782","scoring_system":"epss","scoring_elements":"0.74256","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4653"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=672165","reference_id":"672165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=672165"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2010-4653"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-spsd-65hy-f3b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175933?format=json","vulnerability_id":"VCID-st7p-3r2b-bqgp","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0146.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0146.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0146","reference_id":"","reference_type":"","scores":[{"value":"0.0325","scoring_system":"epss","scoring_elements":"0.87413","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0325","scoring_system":"epss","scoring_elements":"0.87457","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0325","scoring_system":"epss","scoring_elements":"0.87462","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0325","scoring_system":"epss","scoring_elements":"0.87459","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0146"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=490612","reference_id":"490612","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=490612"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/200904-20","reference_id":"GLSA-200904-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200904-20"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-0146"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-st7p-3r2b-bqgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175948?format=json","vulnerability_id":"VCID-tw79-8bxc-eyb8","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3604","reference_id":"","reference_type":"","scores":[{"value":"0.07495","scoring_system":"epss","scoring_elements":"0.91973","published_at":"2026-06-11T12:55:00Z"},{"value":"0.07495","scoring_system":"epss","scoring_elements":"0.92001","published_at":"2026-06-12T12:55:00Z"},{"value":"0.07495","scoring_system":"epss","scoring_elements":"0.92008","published_at":"2026-06-13T12:55:00Z"},{"value":"0.07495","scoring_system":"epss","scoring_elements":"0.92005","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526911","reference_id":"526911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526911"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1500","reference_id":"RHSA-2009:1500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2009-3604"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tw79-8bxc-eyb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175937?format=json","vulnerability_id":"VCID-ueks-erqq-r7bx","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0195.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0195.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0195","reference_id":"","reference_type":"","scores":[{"value":"0.05539","scoring_system":"epss","scoring_elements":"0.90508","published_at":"2026-06-13T12:55:00Z"},{"value":"0.05539","scoring_system":"epss","scoring_elements":"0.90507","published_at":"2026-06-14T12:55:00Z"},{"value":"0.09017","scoring_system":"epss","scoring_elements":"0.92815","published_at":"2026-06-11T12:55:00Z"},{"value":"0.09017","scoring_system":"epss","scoring_elements":"0.92838","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0195"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=490612","reference_id":"490612","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=490612"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-0195"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueks-erqq-r7bx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175950?format=json","vulnerability_id":"VCID-wh95-wp75-43a8","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3606.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3606.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3606","reference_id":"","reference_type":"","scores":[{"value":"0.04772","scoring_system":"epss","scoring_elements":"0.89696","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04772","scoring_system":"epss","scoring_elements":"0.8973","published_at":"2026-06-12T12:55:00Z"},{"value":"0.05037","scoring_system":"epss","scoring_elements":"0.9001","published_at":"2026-06-13T12:55:00Z"},{"value":"0.05037","scoring_system":"epss","scoring_elements":"0.90008","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526877","reference_id":"526877","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526877"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1500","reference_id":"RHSA-2009:1500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2009-3606"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wh95-wp75-43a8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185544?format=json","vulnerability_id":"VCID-wrr1-g4pm-57am","summary":"Poppler and various KDE components are vulnerable to multiple memory\n    management issues possibly resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4352.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4352","reference_id":"","reference_type":"","scores":[{"value":"0.25229","scoring_system":"epss","scoring_elements":"0.96317","published_at":"2026-06-11T12:55:00Z"},{"value":"0.25229","scoring_system":"epss","scoring_elements":"0.96328","published_at":"2026-06-12T12:55:00Z"},{"value":"0.25229","scoring_system":"epss","scoring_elements":"0.9633","published_at":"2026-06-13T12:55:00Z"},{"value":"0.25229","scoring_system":"epss","scoring_elements":"0.96333","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=345101","reference_id":"345101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=345101"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628","reference_id":"450628","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629","reference_id":"450629","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629"},{"reference_url":"https://security.gentoo.org/glsa/200711-22","reference_id":"GLSA-200711-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1021","reference_id":"RHSA-2007:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1022","reference_id":"RHSA-2007:1022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1024","reference_id":"RHSA-2007:1024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1025","reference_id":"RHSA-2007:1025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1026","reference_id":"RHSA-2007:1026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1027","reference_id":"RHSA-2007:1027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1029","reference_id":"RHSA-2007:1029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1030","reference_id":"RHSA-2007:1030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1030"},{"reference_url":"https://usn.ubuntu.com/542-1/","reference_id":"USN-542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-1/"},{"reference_url":"https://usn.ubuntu.com/542-2/","reference_id":"USN-542-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2007-4352"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wrr1-g4pm-57am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175942?format=json","vulnerability_id":"VCID-y5se-1pkh-dfcb","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1181.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1181.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1181","reference_id":"","reference_type":"","scores":[{"value":"0.02433","scoring_system":"epss","scoring_elements":"0.85481","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02433","scoring_system":"epss","scoring_elements":"0.85533","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02433","scoring_system":"epss","scoring_elements":"0.85542","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02433","scoring_system":"epss","scoring_elements":"0.85535","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495894","reference_id":"495894","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495894"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-1181"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5se-1pkh-dfcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175944?format=json","vulnerability_id":"VCID-ya2n-b2hz-n7dd","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1183.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1183","reference_id":"","reference_type":"","scores":[{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.82712","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.82781","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.82777","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495899","reference_id":"495899","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2009-1183"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ya2n-b2hz-n7dd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202018?format=json","vulnerability_id":"VCID-ya37-d9z8-x3d6","summary":"zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2902","reference_id":"","reference_type":"","scores":[{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69575","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69665","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69678","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69676","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2902"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635849","reference_id":"635849","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635849"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1085083?format=json","purl":"pkg:deb/debian/xpdf@3.03-10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.03-10"}],"aliases":["CVE-2011-2902"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ya37-d9z8-x3d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177647?format=json","vulnerability_id":"VCID-yggq-aec9-9yg3","summary":"Multiple vulnerabilities have been discovered in T1Lib, the worst\n    of which could lead to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0764.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0764","reference_id":"","reference_type":"","scores":[{"value":"0.28735","scoring_system":"epss","scoring_elements":"0.96654","published_at":"2026-06-11T12:55:00Z"},{"value":"0.28735","scoring_system":"epss","scoring_elements":"0.96665","published_at":"2026-06-12T12:55:00Z"},{"value":"0.28735","scoring_system":"epss","scoring_elements":"0.96666","published_at":"2026-06-13T12:55:00Z"},{"value":"0.28735","scoring_system":"epss","scoring_elements":"0.96668","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=692909","reference_id":"692909","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=692909"},{"reference_url":"https://security.gentoo.org/glsa/201701-57","reference_id":"GLSA-201701-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-57"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0062","reference_id":"RHSA-2012:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0137","reference_id":"RHSA-2012:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1316-1/","reference_id":"USN-1316-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1316-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2011-0764"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yggq-aec9-9yg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175955?format=json","vulnerability_id":"VCID-yjj4-6g7g-6ueu","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3702.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3702.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3702","reference_id":"","reference_type":"","scores":[{"value":"0.0763","scoring_system":"epss","scoring_elements":"0.92061","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0763","scoring_system":"epss","scoring_elements":"0.92088","published_at":"2026-06-12T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92902","published_at":"2026-06-13T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92903","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3702"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=595245","reference_id":"595245","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=595245"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165","reference_id":"599165","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://security.gentoo.org/glsa/201402-17","reference_id":"GLSA-201402-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0749","reference_id":"RHSA-2010:0749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0750","reference_id":"RHSA-2010:0750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0751","reference_id":"RHSA-2010:0751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0752","reference_id":"RHSA-2010:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0753","reference_id":"RHSA-2010:0753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0754","reference_id":"RHSA-2010:0754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0755","reference_id":"RHSA-2010:0755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0859","reference_id":"RHSA-2010:0859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1005-1/","reference_id":"USN-1005-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1005-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2010-3702"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yjj4-6g7g-6ueu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177650?format=json","vulnerability_id":"VCID-yt8e-94rc-g7hw","summary":"Multiple vulnerabilities have been discovered in T1Lib, the worst\n    of which could lead to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1554.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1554.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1554","reference_id":"","reference_type":"","scores":[{"value":"0.04256","scoring_system":"epss","scoring_elements":"0.89055","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04256","scoring_system":"epss","scoring_elements":"0.89093","published_at":"2026-06-12T12:55:00Z"},{"value":"0.04256","scoring_system":"epss","scoring_elements":"0.89101","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=692856","reference_id":"692856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=692856"},{"reference_url":"https://security.gentoo.org/glsa/201701-57","reference_id":"GLSA-201701-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-57"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0062","reference_id":"RHSA-2012:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0137","reference_id":"RHSA-2012:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1335-1/","reference_id":"USN-1335-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1335-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2011-1554"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yt8e-94rc-g7hw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177649?format=json","vulnerability_id":"VCID-z72y-7nh4-dkfh","summary":"Multiple vulnerabilities have been discovered in T1Lib, the worst\n    of which could lead to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1553.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1553.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1553","reference_id":"","reference_type":"","scores":[{"value":"0.03179","scoring_system":"epss","scoring_elements":"0.87245","published_at":"2026-06-11T12:55:00Z"},{"value":"0.03179","scoring_system":"epss","scoring_elements":"0.8729","published_at":"2026-06-12T12:55:00Z"},{"value":"0.03179","scoring_system":"epss","scoring_elements":"0.87297","published_at":"2026-06-13T12:55:00Z"},{"value":"0.03179","scoring_system":"epss","scoring_elements":"0.87294","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=692854","reference_id":"692854","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=692854"},{"reference_url":"https://security.gentoo.org/glsa/201701-57","reference_id":"GLSA-201701-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-57"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0062","reference_id":"RHSA-2012:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0137","reference_id":"RHSA-2012:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1335-1/","reference_id":"USN-1335-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1335-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2011-1553"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z72y-7nh4-dkfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175947?format=json","vulnerability_id":"VCID-zkb3-cjh3-pqew","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3603.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3603","reference_id":"","reference_type":"","scores":[{"value":"0.06276","scoring_system":"epss","scoring_elements":"0.91123","published_at":"2026-06-11T12:55:00Z"},{"value":"0.06276","scoring_system":"epss","scoring_elements":"0.91155","published_at":"2026-06-12T12:55:00Z"},{"value":"0.06276","scoring_system":"epss","scoring_elements":"0.91161","published_at":"2026-06-13T12:55:00Z"},{"value":"0.06276","scoring_system":"epss","scoring_elements":"0.9116","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526915","reference_id":"526915","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526915"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1504","reference_id":"RHSA-2009:1504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1504"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081543?format=json","purl":"pkg:deb/debian/xpdf@3.02-12%2Bsqueeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-ya37-d9z8-x3d6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-12%252Bsqueeze1"}],"aliases":["CVE-2009-3603"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkb3-cjh3-pqew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185546?format=json","vulnerability_id":"VCID-zmkr-y4ax-9ffc","summary":"Poppler and various KDE components are vulnerable to multiple memory\n    management issues possibly resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5393.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5393.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5393","reference_id":"","reference_type":"","scores":[{"value":"0.14085","scoring_system":"epss","scoring_elements":"0.94518","published_at":"2026-06-11T12:55:00Z"},{"value":"0.14085","scoring_system":"epss","scoring_elements":"0.94537","published_at":"2026-06-12T12:55:00Z"},{"value":"0.14085","scoring_system":"epss","scoring_elements":"0.94544","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5393"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=345121","reference_id":"345121","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=345121"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628","reference_id":"450628","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629","reference_id":"450629","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629"},{"reference_url":"https://security.gentoo.org/glsa/200711-22","reference_id":"GLSA-200711-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1021","reference_id":"RHSA-2007:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1022","reference_id":"RHSA-2007:1022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1023","reference_id":"RHSA-2007:1023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1024","reference_id":"RHSA-2007:1024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1025","reference_id":"RHSA-2007:1025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1026","reference_id":"RHSA-2007:1026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1027","reference_id":"RHSA-2007:1027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1028","reference_id":"RHSA-2007:1028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1029","reference_id":"RHSA-2007:1029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1030","reference_id":"RHSA-2007:1030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1031","reference_id":"RHSA-2007:1031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1051","reference_id":"RHSA-2007:1051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1051"},{"reference_url":"https://usn.ubuntu.com/542-1/","reference_id":"USN-542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-1/"},{"reference_url":"https://usn.ubuntu.com/542-2/","reference_id":"USN-542-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081542?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny4"}],"aliases":["CVE-2007-5393"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zmkr-y4ax-9ffc"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181259?format=json","vulnerability_id":"VCID-69js-yzx7-ckaa","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3626.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3626.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3626","reference_id":"","reference_type":"","scores":[{"value":"0.09167","scoring_system":"epss","scoring_elements":"0.92874","published_at":"2026-06-11T12:55:00Z"},{"value":"0.09167","scoring_system":"epss","scoring_elements":"0.92897","published_at":"2026-06-12T12:55:00Z"},{"value":"0.09167","scoring_system":"epss","scoring_elements":"0.92899","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617828","reference_id":"1617828","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617828"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://security.gentoo.org/glsa/200601-17","reference_id":"GLSA-200601-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0163","reference_id":"RHSA-2006:0163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0177","reference_id":"RHSA-2006:0177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0177"},{"reference_url":"https://usn.ubuntu.com/236-1/","reference_id":"USN-236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-1/"},{"reference_url":"https://usn.ubuntu.com/236-2/","reference_id":"USN-236-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2005-3626"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69js-yzx7-ckaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181261?format=json","vulnerability_id":"VCID-8wfu-uvve-hba4","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3628.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3628.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3628","reference_id":"","reference_type":"","scores":[{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.86177","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.86227","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.86238","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.86235","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617830","reference_id":"1617830","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617830"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:867","reference_id":"RHSA-2005:867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:878","reference_id":"RHSA-2005:878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2005-3628"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wfu-uvve-hba4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181260?format=json","vulnerability_id":"VCID-9rdv-f3ft-6bd7","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3627.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3627.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3627","reference_id":"","reference_type":"","scores":[{"value":"0.04327","scoring_system":"epss","scoring_elements":"0.89152","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04327","scoring_system":"epss","scoring_elements":"0.8919","published_at":"2026-06-12T12:55:00Z"},{"value":"0.04327","scoring_system":"epss","scoring_elements":"0.89198","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617829","reference_id":"1617829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617829"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076","reference_id":"346076","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://security.gentoo.org/glsa/200601-17","reference_id":"GLSA-200601-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0163","reference_id":"RHSA-2006:0163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0177","reference_id":"RHSA-2006:0177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0177"},{"reference_url":"https://usn.ubuntu.com/236-1/","reference_id":"USN-236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-1/"},{"reference_url":"https://usn.ubuntu.com/236-2/","reference_id":"USN-236-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2005-3627"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9rdv-f3ft-6bd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181258?format=json","vulnerability_id":"VCID-bbfr-73v1-a3an","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3625.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3625.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3625","reference_id":"","reference_type":"","scores":[{"value":"0.11286","scoring_system":"epss","scoring_elements":"0.93696","published_at":"2026-06-11T12:55:00Z"},{"value":"0.11286","scoring_system":"epss","scoring_elements":"0.93716","published_at":"2026-06-12T12:55:00Z"},{"value":"0.11286","scoring_system":"epss","scoring_elements":"0.9372","published_at":"2026-06-13T12:55:00Z"},{"value":"0.11286","scoring_system":"epss","scoring_elements":"0.93722","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3625"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617827","reference_id":"1617827","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617827"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076","reference_id":"346076","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://security.gentoo.org/glsa/200601-17","reference_id":"GLSA-200601-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0163","reference_id":"RHSA-2006:0163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0177","reference_id":"RHSA-2006:0177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0177"},{"reference_url":"https://usn.ubuntu.com/236-1/","reference_id":"USN-236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-1/"},{"reference_url":"https://usn.ubuntu.com/236-2/","reference_id":"USN-236-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2005-3625"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbfr-73v1-a3an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176795?format=json","vulnerability_id":"VCID-kvrd-wcyy-wugd","summary":"Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and\n    Poppler potentially resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3191.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3191.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3191","reference_id":"","reference_type":"","scores":[{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.8695","published_at":"2026-06-11T12:55:00Z"},{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.86996","published_at":"2026-06-12T12:55:00Z"},{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.87006","published_at":"2026-06-13T12:55:00Z"},{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.87002","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617796","reference_id":"1617796","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617796"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281","reference_id":"342281","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288","reference_id":"342288","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288"},{"reference_url":"https://security.gentoo.org/glsa/200512-08","reference_id":"GLSA-200512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200512-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:867","reference_id":"RHSA-2005:867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:878","reference_id":"RHSA-2005:878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://usn.ubuntu.com/227-1/","reference_id":"USN-227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2005-3191"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvrd-wcyy-wugd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176797?format=json","vulnerability_id":"VCID-myqv-mjx7-67hj","summary":"Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and\n    Poppler potentially resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3193.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3193.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3193","reference_id":"","reference_type":"","scores":[{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.8695","published_at":"2026-06-11T12:55:00Z"},{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.86996","published_at":"2026-06-12T12:55:00Z"},{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.87006","published_at":"2026-06-13T12:55:00Z"},{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.87002","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3193"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617798","reference_id":"1617798","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617798"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281","reference_id":"342281","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288","reference_id":"342288","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288"},{"reference_url":"https://security.gentoo.org/glsa/200512-08","reference_id":"GLSA-200512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200512-08"},{"reference_url":"https://security.gentoo.org/glsa/200603-02","reference_id":"GLSA-200603-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200603-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:867","reference_id":"RHSA-2005:867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:878","reference_id":"RHSA-2005:878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://usn.ubuntu.com/227-1/","reference_id":"USN-227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2005-3193"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myqv-mjx7-67hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200127?format=json","vulnerability_id":"VCID-nuce-p2rd-4qg4","summary":"xpdf and kpdf do not properly validate the \"loca\" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a \"broken\" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2097.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2097.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2097","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22026","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22217","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22228","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22205","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2097"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617684","reference_id":"1617684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617684"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322462","reference_id":"322462","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322462"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324464","reference_id":"324464","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:670","reference_id":"RHSA-2005:670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:671","reference_id":"RHSA-2005:671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:706","reference_id":"RHSA-2005:706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:708","reference_id":"RHSA-2005:708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:708"},{"reference_url":"https://usn.ubuntu.com/163-1/","reference_id":"USN-163-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/163-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2005-2097"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nuce-p2rd-4qg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183417?format=json","vulnerability_id":"VCID-pus9-7td3-tqag","summary":"Multiple vulnerabilities in Xpdf could result in execution of\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4035.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4035","reference_id":"","reference_type":"","scores":[{"value":"0.0245","scoring_system":"epss","scoring_elements":"0.85529","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0245","scoring_system":"epss","scoring_elements":"0.8558","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0245","scoring_system":"epss","scoring_elements":"0.85589","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0245","scoring_system":"epss","scoring_elements":"0.85581","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=541614","reference_id":"541614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=541614"},{"reference_url":"https://security.gentoo.org/glsa/201402-17","reference_id":"GLSA-201402-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1680","reference_id":"RHSA-2009:1680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1681","reference_id":"RHSA-2009:1681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1682","reference_id":"RHSA-2009:1682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1682"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2009-4035"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pus9-7td3-tqag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176796?format=json","vulnerability_id":"VCID-u7rb-fd7b-yyfr","summary":"Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and\n    Poppler potentially resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3192.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3192","reference_id":"","reference_type":"","scores":[{"value":"0.12279","scoring_system":"epss","scoring_elements":"0.94021","published_at":"2026-06-11T12:55:00Z"},{"value":"0.12279","scoring_system":"epss","scoring_elements":"0.94041","published_at":"2026-06-12T12:55:00Z"},{"value":"0.12279","scoring_system":"epss","scoring_elements":"0.94046","published_at":"2026-06-13T12:55:00Z"},{"value":"0.12279","scoring_system":"epss","scoring_elements":"0.94048","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3192"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617797","reference_id":"1617797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617797"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281","reference_id":"342281","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288","reference_id":"342288","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288"},{"reference_url":"https://security.gentoo.org/glsa/200512-08","reference_id":"GLSA-200512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200512-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:867","reference_id":"RHSA-2005:867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:878","reference_id":"RHSA-2005:878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://usn.ubuntu.com/227-1/","reference_id":"USN-227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2005-3192"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u7rb-fd7b-yyfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181257?format=json","vulnerability_id":"VCID-vacp-4vnh-1qgh","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3624.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3624","reference_id":"","reference_type":"","scores":[{"value":"0.07223","scoring_system":"epss","scoring_elements":"0.91806","published_at":"2026-06-11T12:55:00Z"},{"value":"0.07223","scoring_system":"epss","scoring_elements":"0.91833","published_at":"2026-06-12T12:55:00Z"},{"value":"0.07223","scoring_system":"epss","scoring_elements":"0.91842","published_at":"2026-06-13T12:55:00Z"},{"value":"0.07223","scoring_system":"epss","scoring_elements":"0.91838","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617826","reference_id":"1617826","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617826"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076","reference_id":"346076","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://security.gentoo.org/glsa/200601-17","reference_id":"GLSA-200601-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0163","reference_id":"RHSA-2006:0163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0177","reference_id":"RHSA-2006:0177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0177"},{"reference_url":"https://usn.ubuntu.com/236-1/","reference_id":"USN-236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-1/"},{"reference_url":"https://usn.ubuntu.com/236-2/","reference_id":"USN-236-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2005-3624"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vacp-4vnh-1qgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181426?format=json","vulnerability_id":"VCID-zkqh-4s2u-87ha","summary":"KPdf includes vulnerable Xpdf code to handle PDF files, making it\n    vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0301.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0301.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0301","reference_id":"","reference_type":"","scores":[{"value":"0.03084","scoring_system":"epss","scoring_elements":"0.87065","published_at":"2026-06-11T12:55:00Z"},{"value":"0.03084","scoring_system":"epss","scoring_elements":"0.87111","published_at":"2026-06-12T12:55:00Z"},{"value":"0.03084","scoring_system":"epss","scoring_elements":"0.8712","published_at":"2026-06-13T12:55:00Z"},{"value":"0.03084","scoring_system":"epss","scoring_elements":"0.87117","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617882","reference_id":"1617882","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617882"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350785","reference_id":"350785","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350785"},{"reference_url":"https://security.gentoo.org/glsa/200602-04","reference_id":"GLSA-200602-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-04"},{"reference_url":"https://security.gentoo.org/glsa/200602-05","reference_id":"GLSA-200602-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-05"},{"reference_url":"https://security.gentoo.org/glsa/200602-12","reference_id":"GLSA-200602-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0201","reference_id":"RHSA-2006:0201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0206","reference_id":"RHSA-2006:0206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0206"},{"reference_url":"https://usn.ubuntu.com/249-1/","reference_id":"USN-249-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/249-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1081237?format=json","purl":"pkg:deb/debian/xpdf@3.01-9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gx3-mpgs-8fbz"},{"vulnerability":"VCID-73w4-4dz1-sqbh"},{"vulnerability":"VCID-7zah-epwv-r3ch"},{"vulnerability":"VCID-8qpz-9suz-nkas"},{"vulnerability":"VCID-9hqc-4htt-d3fq"},{"vulnerability":"VCID-bvyn-44jg-4yhf"},{"vulnerability":"VCID-ct52-g5wx-97ht"},{"vulnerability":"VCID-e9tv-pg4d-tydb"},{"vulnerability":"VCID-eb51-kw8e-n7gm"},{"vulnerability":"VCID-g84a-z8t1-8ud2"},{"vulnerability":"VCID-jvje-ybwm-2fge"},{"vulnerability":"VCID-maks-dh3b-s3ar"},{"vulnerability":"VCID-n6qs-bdsw-xbfy"},{"vulnerability":"VCID-nyvf-mkqj-suhv"},{"vulnerability":"VCID-pyx9-cgtr-4fhr"},{"vulnerability":"VCID-q4wu-g376-7ffd"},{"vulnerability":"VCID-qmrs-szxk-yqda"},{"vulnerability":"VCID-spcn-1gwj-j7e7"},{"vulnerability":"VCID-spsd-65hy-f3b1"},{"vulnerability":"VCID-st7p-3r2b-bqgp"},{"vulnerability":"VCID-tw79-8bxc-eyb8"},{"vulnerability":"VCID-ueks-erqq-r7bx"},{"vulnerability":"VCID-wh95-wp75-43a8"},{"vulnerability":"VCID-wrr1-g4pm-57am"},{"vulnerability":"VCID-y5se-1pkh-dfcb"},{"vulnerability":"VCID-ya2n-b2hz-n7dd"},{"vulnerability":"VCID-ya37-d9z8-x3d6"},{"vulnerability":"VCID-yggq-aec9-9yg3"},{"vulnerability":"VCID-yjj4-6g7g-6ueu"},{"vulnerability":"VCID-yt8e-94rc-g7hw"},{"vulnerability":"VCID-z72y-7nh4-dkfh"},{"vulnerability":"VCID-zkb3-cjh3-pqew"},{"vulnerability":"VCID-zmkr-y4ax-9ffc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}],"aliases":["CVE-2006-0301"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkqh-4s2u-87ha"}],"risk_score":"0.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-9"}