{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","type":"deb","namespace":"debian","name":"xpdf","version":"3.04+git20210103-3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0","latest_non_vulnerable_version":"3.04+git20260220-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12435?format=json","vulnerability_id":"VCID-147z-9zjm-9ybq","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41843","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26885","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42344","reference_id":"viewtopic.php?f=1&t=42344","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:39:46Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42344"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421","reference_id":"viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:39:46Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-41843"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-147z-9zjm-9ybq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8175?format=json","vulnerability_id":"VCID-1j9v-w87x-4uaw","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24999","reference_id":"","reference_type":"","scores":[{"value":"0.00258","scoring_system":"epss","scoring_elements":"0.49527","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24999"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2020-24999"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1j9v-w87x-4uaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23346?format=json","vulnerability_id":"VCID-1jrc-a3y4-5few","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2574","reference_id":"","reference_type":"","scores":[{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.14721","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2574"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.xpdfreader.com/security-bug/CVE-2025-2574.html","reference_id":"CVE-2025-2574.html","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-21T15:13:48Z/"}],"url":"https://www.xpdfreader.com/security-bug/CVE-2025-2574.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2025-2574"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1jrc-a3y4-5few"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5160?format=json","vulnerability_id":"VCID-1mv7-a5bk-9bgg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18651","reference_id":"","reference_type":"","scores":[{"value":"0.00178","scoring_system":"epss","scoring_elements":"0.39237","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18651"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2018-18651"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1mv7-a5bk-9bgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12688?format=json","vulnerability_id":"VCID-1r85-fnvn-rucf","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48545","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21733","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48545"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092","reference_id":"viewtopic.php?f=3&t=42092","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:16:19Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-48545"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1r85-fnvn-rucf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11576?format=json","vulnerability_id":"VCID-1y6h-6nkx-ckdj","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24107","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32021","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24107"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202405-18","reference_id":"GLSA-202405-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-18"},{"reference_url":"https://usn.ubuntu.com/7985-1/","reference_id":"USN-7985-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7985-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-24107"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1y6h-6nkx-ckdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5931?format=json","vulnerability_id":"VCID-22mb-h7he-13gw","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10026","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37174","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10026"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10026"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22mb-h7he-13gw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12098?format=json","vulnerability_id":"VCID-24ks-1ksp-gfae","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33108","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.433","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33108"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-33108"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24ks-1ksp-gfae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219308?format=json","vulnerability_id":"VCID-2bq2-93b7-57eh","summary":"There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2. It can be triggered by (for example) sending a crafted pdf file to the pdftohtml binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24996","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47207","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-24996"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2020-24996"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2bq2-93b7-57eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5930?format=json","vulnerability_id":"VCID-2reu-dg6c-uugz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10025","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37174","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10025"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10025"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2reu-dg6c-uugz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175952?format=json","vulnerability_id":"VCID-3gx3-mpgs-8fbz","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3608","reference_id":"","reference_type":"","scores":[{"value":"0.12664","scoring_system":"epss","scoring_elements":"0.94136","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526637","reference_id":"526637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526637"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1504","reference_id":"RHSA-2009:1504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1513","reference_id":"RHSA-2009:1513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108236?format=json","purl":"pkg:deb/debian/xpdf@3.02-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-3608"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gx3-mpgs-8fbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219317?format=json","vulnerability_id":"VCID-3j11-cpz9-pyhx","summary":"XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38237","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38237"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38237"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3j11-cpz9-pyhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6253?format=json","vulnerability_id":"VCID-3mdh-tsnd-x3hz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13288","reference_id":"","reference_type":"","scores":[{"value":"0.31539","scoring_system":"epss","scoring_elements":"0.96903","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13288"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13288"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3mdh-tsnd-x3hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6249?format=json","vulnerability_id":"VCID-4dmg-bxtb-1uc7","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13282","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51661","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13282"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13282"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4dmg-bxtb-1uc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5923?format=json","vulnerability_id":"VCID-4dx5-rf4e-f7ga","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10021","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37174","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10021"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10021"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4dx5-rf4e-f7ga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/164509?format=json","vulnerability_id":"VCID-52z8-n2a7-8qct","summary":"XPDF 4.04 is vulnerable to Null Pointer Dereference in FoFiType1C.cc:2393.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38928","reference_id":"","reference_type":"","scores":[{"value":"0.00157","scoring_system":"epss","scoring_elements":"0.36294","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38928"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421","reference_id":"viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-27T15:25:03Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42325&sid=7b08ba9a518a99ce3c5ff40e53fc6421"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38928"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-52z8-n2a7-8qct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219318?format=json","vulnerability_id":"VCID-53hd-e1tq-7uhr","summary":"XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38238","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38238"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38238"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53hd-e1tq-7uhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5922?format=json","vulnerability_id":"VCID-5rm4-x1n9-9qfh","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10020","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37174","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10020"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10020"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5rm4-x1n9-9qfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5159?format=json","vulnerability_id":"VCID-63pk-v87p-77gh","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18650","reference_id":"","reference_type":"","scores":[{"value":"0.00178","scoring_system":"epss","scoring_elements":"0.39237","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18650"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2018-18650"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-63pk-v87p-77gh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181259?format=json","vulnerability_id":"VCID-69js-yzx7-ckaa","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3626.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3626.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3626","reference_id":"","reference_type":"","scores":[{"value":"0.09167","scoring_system":"epss","scoring_elements":"0.92874","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617828","reference_id":"1617828","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617828"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://security.gentoo.org/glsa/200601-17","reference_id":"GLSA-200601-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0163","reference_id":"RHSA-2006:0163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0177","reference_id":"RHSA-2006:0177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0177"},{"reference_url":"https://usn.ubuntu.com/236-1/","reference_id":"USN-236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-1/"},{"reference_url":"https://usn.ubuntu.com/236-2/","reference_id":"USN-236-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108230?format=json","purl":"pkg:deb/debian/xpdf@3.01-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3626"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69js-yzx7-ckaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11725?format=json","vulnerability_id":"VCID-6e9s-ezcq-q7er","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27135","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43273","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-27135"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202405-18","reference_id":"GLSA-202405-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-27135"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6e9s-ezcq-q7er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219311?format=json","vulnerability_id":"VCID-6rtp-uv23-wfbz","summary":"XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38229","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16701","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38229"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38229"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rtp-uv23-wfbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219306?format=json","vulnerability_id":"VCID-6t14-943y-pqaf","summary":"There is an Invalid memory access in gAtomicIncrement() located at GMutex.h in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9588","reference_id":"","reference_type":"","scores":[{"value":"0.00337","scoring_system":"epss","scoring_elements":"0.56908","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9588"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9588"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6t14-943y-pqaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12596?format=json","vulnerability_id":"VCID-6uzb-6xre-ukfj","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45587","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12847","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42361","reference_id":"viewtopic.php?t=42361","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-19T17:53:26Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42361"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-45587"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6uzb-6xre-ukfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175960?format=json","vulnerability_id":"VCID-71r7-7b3a-tbdd","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2142.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2142.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2142","reference_id":"","reference_type":"","scores":[{"value":"0.00397","scoring_system":"epss","scoring_elements":"0.60917","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2142"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487773","reference_id":"487773","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487773"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=789936","reference_id":"789936","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=789936"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2012-2142"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-71r7-7b3a-tbdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175956?format=json","vulnerability_id":"VCID-73w4-4dz1-sqbh","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3703.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3703.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3703","reference_id":"","reference_type":"","scores":[{"value":"0.01121","scoring_system":"epss","scoring_elements":"0.78656","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3703"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165","reference_id":"599165","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=639356","reference_id":"639356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=639356"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0859","reference_id":"RHSA-2010:0859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0859"},{"reference_url":"https://usn.ubuntu.com/1005-1/","reference_id":"USN-1005-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1005-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108238?format=json","purl":"pkg:deb/debian/xpdf@3.02-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3703"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-73w4-4dz1-sqbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12530?format=json","vulnerability_id":"VCID-7468-tf2m-uubm","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43295","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23792","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43295"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42360","reference_id":"viewtopic.php?t=42360","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-13T19:25:09Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42360"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-43295"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7468-tf2m-uubm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9807?format=json","vulnerability_id":"VCID-78g5-3hru-qkb3","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36493","reference_id":"","reference_type":"","scores":[{"value":"0.00497","scoring_system":"epss","scoring_elements":"0.66301","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36493"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42160","reference_id":"viewtopic.php?f=3&t=42160","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-27T13:41:50Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42160"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2021-36493"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-78g5-3hru-qkb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46278?format=json","vulnerability_id":"VCID-7gj6-djer-y3ec","summary":"In Xpdf 4.05 (and earlier), a PDF object loop in a pattern resource leads to infinite recursion and a stack overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7866","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13239","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7866"},{"reference_url":"https://www.xpdfreader.com/security-bug/object-loops.html","reference_id":"object-loops.html","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-16T17:13:19Z/"}],"url":"https://www.xpdfreader.com/security-bug/object-loops.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2024-7866"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7gj6-djer-y3ec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175935?format=json","vulnerability_id":"VCID-7zah-epwv-r3ch","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0165","reference_id":"","reference_type":"","scores":[{"value":"0.01757","scoring_system":"epss","scoring_elements":"0.83001","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0165"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0165"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7zah-epwv-r3ch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6250?format=json","vulnerability_id":"VCID-84cc-v2a7-kqef","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13283","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51661","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13283"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://usn.ubuntu.com/4646-1/","reference_id":"USN-4646-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4646-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13283"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-84cc-v2a7-kqef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63981?format=json","vulnerability_id":"VCID-89g9-br8p-s7dq","summary":"In Xpdf 4.05 (and earlier), a PDF object loop in the attachments leads to infinite recursion and a stack overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3248.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3248.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3248","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06906","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3248"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272854","reference_id":"2272854","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272854"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=43657","reference_id":"viewtopic.php?t=43657","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-12T13:50:27Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=43657"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2024-3248"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-89g9-br8p-s7dq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15406?format=json","vulnerability_id":"VCID-8de5-7kch-c3e7","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3044","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13942","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3044"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.xpdfreader.com/security-bug/CVE-2023-3044.html","reference_id":"CVE-2023-3044.html","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T17:53:02Z/"}],"url":"https://www.xpdfreader.com/security-bug/CVE-2023-3044.html"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://github.com/baker221/poc-xpdf","reference_id":"poc-xpdf","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T17:53:02Z/"}],"url":"https://github.com/baker221/poc-xpdf"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2023-3044"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8de5-7kch-c3e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185545?format=json","vulnerability_id":"VCID-8qpz-9suz-nkas","summary":"Poppler and various KDE components are vulnerable to multiple memory\n    management issues possibly resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5392.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5392.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5392","reference_id":"","reference_type":"","scores":[{"value":"0.06485","scoring_system":"epss","scoring_elements":"0.91299","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=345111","reference_id":"345111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=345111"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628","reference_id":"450628","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629","reference_id":"450629","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629"},{"reference_url":"https://security.gentoo.org/glsa/200711-22","reference_id":"GLSA-200711-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1021","reference_id":"RHSA-2007:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1022","reference_id":"RHSA-2007:1022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1024","reference_id":"RHSA-2007:1024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1025","reference_id":"RHSA-2007:1025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1026","reference_id":"RHSA-2007:1026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1027","reference_id":"RHSA-2007:1027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1029","reference_id":"RHSA-2007:1029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1030","reference_id":"RHSA-2007:1030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1030"},{"reference_url":"https://usn.ubuntu.com/542-1/","reference_id":"USN-542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-1/"},{"reference_url":"https://usn.ubuntu.com/542-2/","reference_id":"USN-542-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108234?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2007-5392"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qpz-9suz-nkas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11915?format=json","vulnerability_id":"VCID-8wa2-gcw3-wbgk","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30524","reference_id":"","reference_type":"","scores":[{"value":"0.01685","scoring_system":"epss","scoring_elements":"0.82621","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30524"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-30524"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wa2-gcw3-wbgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181261?format=json","vulnerability_id":"VCID-8wfu-uvve-hba4","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3628.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3628.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3628","reference_id":"","reference_type":"","scores":[{"value":"0.02683","scoring_system":"epss","scoring_elements":"0.86177","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3628"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617830","reference_id":"1617830","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617830"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:867","reference_id":"RHSA-2005:867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:878","reference_id":"RHSA-2005:878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108230?format=json","purl":"pkg:deb/debian/xpdf@3.01-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3628"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wfu-uvve-hba4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199435?format=json","vulnerability_id":"VCID-8zvv-sqfy-77e8","summary":"Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1384.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1384","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21572","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1384"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616903","reference_id":"1616903","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:295","reference_id":"RHSA-2002:295","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:295"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:307","reference_id":"RHSA-2002:307","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:307"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:037","reference_id":"RHSA-2003:037","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:216","reference_id":"RHSA-2003:216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:216"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108218?format=json","purl":"pkg:deb/debian/xpdf@2.01-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@2.01-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2002-1384"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8zvv-sqfy-77e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/151129?format=json","vulnerability_id":"VCID-93y3-k83z-6kfm","summary":"In Xpdf 4.04 (and earlier), a PDF object loop in the page label tree leads to infinite recursion and a stack overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2663","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23121","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2663"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42421","reference_id":"viewtopic.php?t=42421","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:02:53Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42421"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2023-2663"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-93y3-k83z-6kfm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12295?format=json","vulnerability_id":"VCID-95r5-sx5b-wqhn","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38222","reference_id":"","reference_type":"","scores":[{"value":"0.00173","scoring_system":"epss","scoring_elements":"0.38496","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38222"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38222"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-95r5-sx5b-wqhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175941?format=json","vulnerability_id":"VCID-9hqc-4htt-d3fq","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1180.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1180","reference_id":"","reference_type":"","scores":[{"value":"0.08831","scoring_system":"epss","scoring_elements":"0.92719","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495892","reference_id":"495892","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495892"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1180"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hqc-4htt-d3fq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/22502?format=json","vulnerability_id":"VCID-9kwg-skgv-zuc3","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11896","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01011","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-11896"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.xpdfreader.com/security-bug/object-loops.html","reference_id":"object-loops.html","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T13:49:28Z/"}],"url":"https://www.xpdfreader.com/security-bug/object-loops.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2025-11896"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9kwg-skgv-zuc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6329?format=json","vulnerability_id":"VCID-9qgw-9kp2-e3fh","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14292","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37686","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14292"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14292"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9qgw-9kp2-e3fh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181260?format=json","vulnerability_id":"VCID-9rdv-f3ft-6bd7","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3627.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3627.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3627","reference_id":"","reference_type":"","scores":[{"value":"0.04327","scoring_system":"epss","scoring_elements":"0.89152","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617829","reference_id":"1617829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617829"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076","reference_id":"346076","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://security.gentoo.org/glsa/200601-17","reference_id":"GLSA-200601-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0163","reference_id":"RHSA-2006:0163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0177","reference_id":"RHSA-2006:0177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0177"},{"reference_url":"https://usn.ubuntu.com/236-1/","reference_id":"USN-236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-1/"},{"reference_url":"https://usn.ubuntu.com/236-2/","reference_id":"USN-236-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108230?format=json","purl":"pkg:deb/debian/xpdf@3.01-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3627"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9rdv-f3ft-6bd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177635?format=json","vulnerability_id":"VCID-9u4t-h4md-v3fw","summary":"Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38334","reference_id":"","reference_type":"","scores":[{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.43015","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38334"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38334"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9u4t-h4md-v3fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12595?format=json","vulnerability_id":"VCID-a1hq-mj8q-9uak","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45586","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12847","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45586"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42361","reference_id":"viewtopic.php?t=42361","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-19T17:54:55Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42361"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-45586"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a1hq-mj8q-9uak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45831?format=json","vulnerability_id":"VCID-a89e-qnn9-6yay","summary":"In Xpdf 4.05 (and earlier), very large coordinates in a page box can cause an integer overflow and divide-by-zero.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7867","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.1609","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7867"},{"reference_url":"https://www.xpdfreader.com/security-bug/CVE-2024-7867.html","reference_id":"CVE-2024-7867.html","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-16T17:08:56Z/"}],"url":"https://www.xpdfreader.com/security-bug/CVE-2024-7867.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2024-7867"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a89e-qnn9-6yay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6326?format=json","vulnerability_id":"VCID-aekj-myev-d3ht","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14289","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37327","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14289"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14289"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aekj-myev-d3ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6330?format=json","vulnerability_id":"VCID-afyc-rv2m-rbd6","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14293","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37327","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14293"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14293"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afyc-rv2m-rbd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181258?format=json","vulnerability_id":"VCID-bbfr-73v1-a3an","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3625.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3625.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3625","reference_id":"","reference_type":"","scores":[{"value":"0.11286","scoring_system":"epss","scoring_elements":"0.93696","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3625"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617827","reference_id":"1617827","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617827"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076","reference_id":"346076","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://security.gentoo.org/glsa/200601-17","reference_id":"GLSA-200601-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0163","reference_id":"RHSA-2006:0163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0177","reference_id":"RHSA-2006:0177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0177"},{"reference_url":"https://usn.ubuntu.com/236-1/","reference_id":"USN-236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-1/"},{"reference_url":"https://usn.ubuntu.com/236-2/","reference_id":"USN-236-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108230?format=json","purl":"pkg:deb/debian/xpdf@3.01-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3625"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbfr-73v1-a3an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5929?format=json","vulnerability_id":"VCID-bfk5-4euh-efhf","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10024","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37174","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10024"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10024"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bfk5-4euh-efhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73748?format=json","vulnerability_id":"VCID-brq4-p273-d7g9","summary":"Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the \"N\" field in ICCBased color spaces.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4407","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02239","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4407"},{"reference_url":"https://www.xpdfreader.com/security-bug/CVE-2026-4407.html","reference_id":"CVE-2026-4407.html","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:01:23Z/"}],"url":"https://www.xpdfreader.com/security-bug/CVE-2026-4407.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2026-4407"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-brq4-p273-d7g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7420?format=json","vulnerability_id":"VCID-btpj-ctzp-2kau","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9877","reference_id":"","reference_type":"","scores":[{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53598","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9877"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9877"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-btpj-ctzp-2kau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199748?format=json","vulnerability_id":"VCID-burg-9nz3-yfaf","summary":"Multiple integer overflows in xpdf 2.0 and 3.0, and other packages that use xpdf code such as CUPS, gpdf, and kdegraphics, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0889.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0888.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0888.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0888","reference_id":"","reference_type":"","scores":[{"value":"0.03718","scoring_system":"epss","scoring_elements":"0.8824","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0888"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0888","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0888"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617315","reference_id":"1617315","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617315"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324460","reference_id":"324460","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324460"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:543","reference_id":"RHSA-2004:543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:592","reference_id":"RHSA-2004:592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:066","reference_id":"RHSA-2005:066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:354","reference_id":"RHSA-2005:354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:354"},{"reference_url":"https://usn.ubuntu.com/14-1/","reference_id":"USN-14-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/14-1/"},{"reference_url":"https://usn.ubuntu.com/9-1/","reference_id":"USN-9-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/9-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108223?format=json","purl":"pkg:deb/debian/xpdf@3.00-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.00-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0888"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-burg-9nz3-yfaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175936?format=json","vulnerability_id":"VCID-bvyn-44jg-4yhf","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0166.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0166.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0166","reference_id":"","reference_type":"","scores":[{"value":"0.10043","scoring_system":"epss","scoring_elements":"0.93235","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0166"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=490625","reference_id":"490625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=490625"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/200904-20","reference_id":"GLSA-200904-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200904-20"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0166"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvyn-44jg-4yhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177648?format=json","vulnerability_id":"VCID-ct52-g5wx-97ht","summary":"Multiple vulnerabilities have been discovered in T1Lib, the worst\n    of which could lead to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1552.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1552.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1552","reference_id":"","reference_type":"","scores":[{"value":"0.15628","scoring_system":"epss","scoring_elements":"0.94853","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1552"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=692853","reference_id":"692853","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=692853"},{"reference_url":"https://security.gentoo.org/glsa/201701-57","reference_id":"GLSA-201701-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-57"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0062","reference_id":"RHSA-2012:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0137","reference_id":"RHSA-2012:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1335-1/","reference_id":"USN-1335-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1335-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108238?format=json","purl":"pkg:deb/debian/xpdf@3.02-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2011-1552"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ct52-g5wx-97ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6505?format=json","vulnerability_id":"VCID-d4ub-f193-hbaz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16115","reference_id":"","reference_type":"","scores":[{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39425","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16115"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-16115"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4ub-f193-hbaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5927?format=json","vulnerability_id":"VCID-dc4e-w4tp-tye3","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10022","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39093","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10022"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10022"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dc4e-w4tp-tye3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219314?format=json","vulnerability_id":"VCID-djqu-9691-pfcc","summary":"XPDF commit ffaf11c was discovered to contain a segmentation violation via Lexer::getObj(Object*) at /xpdf/Lexer.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38234","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1488","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38234"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38234"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-djqu-9691-pfcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199750?format=json","vulnerability_id":"VCID-dvc8-nmz5-n7dr","summary":"Multiple integer overflows in xpdf 3.0, and other packages that use xpdf code such as CUPS, allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, a different set of vulnerabilities than those identified by CVE-2004-0888.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0889","reference_id":"","reference_type":"","scores":[{"value":"0.03388","scoring_system":"epss","scoring_elements":"0.87669","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0889"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0889","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0889"},{"reference_url":"https://usn.ubuntu.com/14-1/","reference_id":"USN-14-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/14-1/"},{"reference_url":"https://usn.ubuntu.com/2-1/","reference_id":"USN-2-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108224?format=json","purl":"pkg:deb/debian/xpdf@3.00-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.00-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0889"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dvc8-nmz5-n7dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/163193?format=json","vulnerability_id":"VCID-e747-fue7-mkdy","summary":"A stack overflow in the Catalog::readPageLabelTree2(Object*) function of XPDF v4.04 allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43071","reference_id":"","reference_type":"","scores":[{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25327","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-43071"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42349&p=43959#p43959","reference_id":"viewtopic.php?f=3&t=42349&p=43959#p43959","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T18:00:58Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42349&p=43959#p43959"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-43071"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e747-fue7-mkdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206769?format=json","vulnerability_id":"VCID-e83m-gvkw-tkch","summary":"In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12957","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51661","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12957"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12957"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e83m-gvkw-tkch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175953?format=json","vulnerability_id":"VCID-e9tv-pg4d-tydb","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3609","reference_id":"","reference_type":"","scores":[{"value":"0.05999","scoring_system":"epss","scoring_elements":"0.90888","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3609"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526893","reference_id":"526893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526893"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1500","reference_id":"RHSA-2009:1500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1504","reference_id":"RHSA-2009:1504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1513","reference_id":"RHSA-2009:1513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0401","reference_id":"RHSA-2010:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0755","reference_id":"RHSA-2010:0755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0755"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108236?format=json","purl":"pkg:deb/debian/xpdf@3.02-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-3609"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9tv-pg4d-tydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175946?format=json","vulnerability_id":"VCID-eb51-kw8e-n7gm","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1188","reference_id":"","reference_type":"","scores":[{"value":"0.21975","scoring_system":"epss","scoring_elements":"0.95898","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1188"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495907","reference_id":"495907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495907"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779","reference_id":"575779","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108236?format=json","purl":"pkg:deb/debian/xpdf@3.02-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1188"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eb51-kw8e-n7gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/151238?format=json","vulnerability_id":"VCID-epws-kr5a-r3gj","summary":"In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2664","reference_id":"","reference_type":"","scores":[{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15986","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2664"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42422","reference_id":"viewtopic.php?t=42422","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-23T21:22:45Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42422"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2023-2664"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-epws-kr5a-r3gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15269?format=json","vulnerability_id":"VCID-f3ds-thty-xyhq","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2662","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10596","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-2662"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42505","reference_id":"viewtopic.php?t=42505","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:05:31Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42505"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2023-2662"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f3ds-thty-xyhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12434?format=json","vulnerability_id":"VCID-f4j8-q6en-hyg5","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41842","reference_id":"","reference_type":"","scores":[{"value":"0.00333","scoring_system":"epss","scoring_elements":"0.56501","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.xpdfreader.com/download.html","reference_id":"download.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:36:57Z/"}],"url":"http://www.xpdfreader.com/download.html"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928","reference_id":"viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:36:57Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-41842"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f4j8-q6en-hyg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6254?format=json","vulnerability_id":"VCID-f6v9-cj2n-yyeg","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13289","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52575","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13289"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13289"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f6v9-cj2n-yyeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219315?format=json","vulnerability_id":"VCID-fnme-r9a8-fyg7","summary":"XPDF commit ffaf11c was discovered to contain a segmentation violation via DCTStream::getChar() at /xpdf/Stream.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38235","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15543","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38235"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38235"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fnme-r9a8-fyg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12297?format=json","vulnerability_id":"VCID-ftvp-eskd-qyfv","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38233","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15543","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38233"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ftvp-eskd-qyfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200554?format=json","vulnerability_id":"VCID-g84a-z8t1-8ud2","summary":"The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0104.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0104.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0104","reference_id":"","reference_type":"","scores":[{"value":"0.16563","scoring_system":"epss","scoring_elements":"0.95064","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0104"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406852","reference_id":"406852","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406852"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=428126","reference_id":"428126","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=428126"},{"reference_url":"https://usn.ubuntu.com/410-1/","reference_id":"USN-410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/410-1/"},{"reference_url":"https://usn.ubuntu.com/410-2/","reference_id":"USN-410-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/410-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108232?format=json","purl":"pkg:deb/debian/xpdf@3.02?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0104"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g84a-z8t1-8ud2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219316?format=json","vulnerability_id":"VCID-gg66-gswk-4uc5","summary":"XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38236","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16701","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38236"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38236"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gg66-gswk-4uc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8524?format=json","vulnerability_id":"VCID-ggxu-33cm-rbcs","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35376","reference_id":"","reference_type":"","scores":[{"value":"0.00454","scoring_system":"epss","scoring_elements":"0.64242","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35376"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202405-18","reference_id":"GLSA-202405-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2020-35376"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggxu-33cm-rbcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11933?format=json","vulnerability_id":"VCID-gsbs-21td-e3eq","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30775","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44751","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30775"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-30775"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gsbs-21td-e3eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45685?format=json","vulnerability_id":"VCID-h1wx-p7bt-77gq","summary":"In Xpdf 4.05 (and earlier), invalid header info in a DCT (JPEG) stream can lead to an uninitialized variable in the DCT decoder. The proof-of-concept PDF file causes a segfault attempting to read from an invalid address.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7868","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47308","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-7868"},{"reference_url":"https://www.xpdfreader.com/security-bug/CVE-2024-7868.html","reference_id":"CVE-2024-7868.html","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-15T20:33:27Z/"}],"url":"https://www.xpdfreader.com/security-bug/CVE-2024-7868.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2024-7868"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h1wx-p7bt-77gq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219307?format=json","vulnerability_id":"VCID-j22b-ferj-hfan","summary":"There is a NULL pointer dereference vulnerability in PSOutputDev::setupResources() located in PSOutputDev.cc in Xpdf 4.01. It can be triggered by sending a crafted pdf file to (for example) the pdftops binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9589","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48375","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9589"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9589"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j22b-ferj-hfan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175943?format=json","vulnerability_id":"VCID-jvje-ybwm-2fge","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1182.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1182.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1182","reference_id":"","reference_type":"","scores":[{"value":"0.07101","scoring_system":"epss","scoring_elements":"0.91724","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1182"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495896","reference_id":"495896","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495896"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1182"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvje-ybwm-2fge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6172?format=json","vulnerability_id":"VCID-jxkb-2uha-8ub3","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12493","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52135","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12493"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12493"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jxkb-2uha-8ub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175959?format=json","vulnerability_id":"VCID-kktu-nv47-yqh2","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4654.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4654","reference_id":"","reference_type":"","scores":[{"value":"0.00468","scoring_system":"epss","scoring_elements":"0.64942","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4654"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=672181","reference_id":"672181","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=672181"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2010-4654"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kktu-nv47-yqh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176795?format=json","vulnerability_id":"VCID-kvrd-wcyy-wugd","summary":"Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and\n    Poppler potentially resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3191.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3191.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3191","reference_id":"","reference_type":"","scores":[{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.8695","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617796","reference_id":"1617796","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617796"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281","reference_id":"342281","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288","reference_id":"342288","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288"},{"reference_url":"https://security.gentoo.org/glsa/200512-08","reference_id":"GLSA-200512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200512-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:867","reference_id":"RHSA-2005:867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:878","reference_id":"RHSA-2005:878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://usn.ubuntu.com/227-1/","reference_id":"USN-227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108229?format=json","purl":"pkg:deb/debian/xpdf@3.01-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3191"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kvrd-wcyy-wugd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177044?format=json","vulnerability_id":"VCID-maks-dh3b-s3ar","summary":"PDFKit and ImageKits are vulnerable to an integer overflow and a stack\n    overflow allowing for the user-assisted execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3387.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3387","reference_id":"","reference_type":"","scores":[{"value":"0.25208","scoring_system":"epss","scoring_elements":"0.96315","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=248194","reference_id":"248194","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=248194"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435460","reference_id":"435460","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435460"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435462","reference_id":"435462","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435462"},{"reference_url":"https://security.gentoo.org/glsa/200709-12","reference_id":"GLSA-200709-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-12"},{"reference_url":"https://security.gentoo.org/glsa/200709-17","reference_id":"GLSA-200709-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200709-17"},{"reference_url":"https://security.gentoo.org/glsa/200710-08","reference_id":"GLSA-200710-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200710-08"},{"reference_url":"https://security.gentoo.org/glsa/200710-20","reference_id":"GLSA-200710-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200710-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0720","reference_id":"RHSA-2007:0720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0729","reference_id":"RHSA-2007:0729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0730","reference_id":"RHSA-2007:0730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0731","reference_id":"RHSA-2007:0731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0732","reference_id":"RHSA-2007:0732","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0732"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0735","reference_id":"RHSA-2007:0735","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0735"},{"reference_url":"https://usn.ubuntu.com/496-1/","reference_id":"USN-496-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/496-1/"},{"reference_url":"https://usn.ubuntu.com/496-2/","reference_id":"USN-496-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/496-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108233?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2007-3387"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-maks-dh3b-s3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6251?format=json","vulnerability_id":"VCID-mkx3-yh8p-p7fh","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13286","reference_id":"","reference_type":"","scores":[{"value":"0.00303","scoring_system":"epss","scoring_elements":"0.53988","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13286"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13286"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mkx3-yh8p-p7fh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219305?format=json","vulnerability_id":"VCID-mq3t-kf6v-p3bj","summary":"Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16088","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.2526","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16088"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-16088"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mq3t-kf6v-p3bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199939?format=json","vulnerability_id":"VCID-mw3h-q1x5-tyc7","summary":"Buffer overflow in the Decrypt::makeFileKey2 function in Decrypt.cc for xpdf 3.00 and earlier allows remote attackers to execute arbitrary code via a PDF file with a large /Encrypt /Length keyLength value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0064.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0064.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0064","reference_id":"","reference_type":"","scores":[{"value":"0.08395","scoring_system":"epss","scoring_elements":"0.92504","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0064"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617441","reference_id":"1617441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617441"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324459","reference_id":"324459","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:026","reference_id":"RHSA-2005:026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:034","reference_id":"RHSA-2005:034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:049","reference_id":"RHSA-2005:049","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:049"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:053","reference_id":"RHSA-2005:053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:057","reference_id":"RHSA-2005:057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:059","reference_id":"RHSA-2005:059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:059"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:066","reference_id":"RHSA-2005:066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:066"},{"reference_url":"https://usn.ubuntu.com/64-1/","reference_id":"USN-64-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/64-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108226?format=json","purl":"pkg:deb/debian/xpdf@3.00-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.00-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0064"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mw3h-q1x5-tyc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199553?format=json","vulnerability_id":"VCID-mw47-dpbx-x7fx","summary":"Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0434.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0434","reference_id":"","reference_type":"","scores":[{"value":"0.25515","scoring_system":"epss","scoring_elements":"0.96349","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0434"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617032","reference_id":"1617032","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617032"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:196","reference_id":"RHSA-2003:196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:196"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:197","reference_id":"RHSA-2003:197","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:216","reference_id":"RHSA-2003:216","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:216"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108222?format=json","purl":"pkg:deb/debian/xpdf@2.02pl1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@2.02pl1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2003-0434"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mw47-dpbx-x7fx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176797?format=json","vulnerability_id":"VCID-myqv-mjx7-67hj","summary":"Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and\n    Poppler potentially resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3193.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3193.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3193","reference_id":"","reference_type":"","scores":[{"value":"0.03031","scoring_system":"epss","scoring_elements":"0.8695","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3193"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617798","reference_id":"1617798","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617798"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281","reference_id":"342281","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288","reference_id":"342288","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288"},{"reference_url":"https://security.gentoo.org/glsa/200512-08","reference_id":"GLSA-200512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200512-08"},{"reference_url":"https://security.gentoo.org/glsa/200603-02","reference_id":"GLSA-200603-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200603-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:867","reference_id":"RHSA-2005:867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:878","reference_id":"RHSA-2005:878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://usn.ubuntu.com/227-1/","reference_id":"USN-227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108229?format=json","purl":"pkg:deb/debian/xpdf@3.01-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3193"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myqv-mjx7-67hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7421?format=json","vulnerability_id":"VCID-mz3x-2cxg-cug6","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9878","reference_id":"","reference_type":"","scores":[{"value":"0.00312","scoring_system":"epss","scoring_elements":"0.54761","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9878"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9878"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mz3x-2cxg-cug6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175938?format=json","vulnerability_id":"VCID-n6qs-bdsw-xbfy","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0799.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0799.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0799","reference_id":"","reference_type":"","scores":[{"value":"0.00968","scoring_system":"epss","scoring_elements":"0.77024","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495886","reference_id":"495886","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495886"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0799"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6qs-bdsw-xbfy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6158?format=json","vulnerability_id":"VCID-n7y1-g3qa-sbdm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12360","reference_id":"","reference_type":"","scores":[{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56966","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850876","reference_id":"1850876","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850876"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12360"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n7y1-g3qa-sbdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63878?format=json","vulnerability_id":"VCID-nacf-m3ej-akep","summary":"In Xpdf 4.05 (and earlier), a PDF object loop in an object stream leads to infinite recursion and a stack overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3247.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-3247.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3247","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06906","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-3247"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272851","reference_id":"2272851","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272851"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=43597","reference_id":"viewtopic.php?t=43597","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-03T17:26:43Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=43597"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2024-3247"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nacf-m3ej-akep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5928?format=json","vulnerability_id":"VCID-nmnf-14rj-auck","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10023","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37174","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10023"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10023"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmnf-14rj-auck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219301?format=json","vulnerability_id":"VCID-nryq-4dyf-ubem","summary":"Unspecified vulnerability in certain versions of xpdf after 3.00, as used in various products including (a) pdfkit.framework, (b) gpdf, (c) pdftohtml, and (d) libextractor, has unknown impact and user-assisted attack vectors, possibly involving errors in (1) gmem.c, (2) SplashXPathScanner.cc, (3) JBIG2Stream.cc, (4) JPXStream.cc, and/or (5) Stream.cc.  NOTE: this description is based on Debian advisory DSA 979, which is based on changes that were made after other vulnerabilities such as CVE-2006-0301 and CVE-2005-3624 through CVE-2005-3628 were fixed.  Some of these newer fixes appear to be security-relevant, although it is not clear if they fix specific issues or are defensive in nature.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1244","reference_id":"","reference_type":"","scores":[{"value":"0.03472","scoring_system":"epss","scoring_elements":"0.87818","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1244"},{"reference_url":"https://usn.ubuntu.com/270-1/","reference_id":"USN-270-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/270-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2006-1244"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nryq-4dyf-ubem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200127?format=json","vulnerability_id":"VCID-nuce-p2rd-4qg4","summary":"xpdf and kpdf do not properly validate the \"loca\" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a \"broken\" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2097.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2097.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2097","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22026","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2097"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2097","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2097"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617684","reference_id":"1617684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617684"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322462","reference_id":"322462","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322462"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324464","reference_id":"324464","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324464"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:670","reference_id":"RHSA-2005:670","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:670"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:671","reference_id":"RHSA-2005:671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:706","reference_id":"RHSA-2005:706","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:706"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:708","reference_id":"RHSA-2005:708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:708"},{"reference_url":"https://usn.ubuntu.com/163-1/","reference_id":"USN-163-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/163-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108228?format=json","purl":"pkg:deb/debian/xpdf@3.00-15?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.00-15%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-2097"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nuce-p2rd-4qg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180393?format=json","vulnerability_id":"VCID-nyvf-mkqj-suhv","summary":"Poppler does not handle fonts inside PDF files safely, allowing for\n    execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1693","reference_id":"","reference_type":"","scores":[{"value":"0.07598","scoring_system":"epss","scoring_elements":"0.92044","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=441722","reference_id":"441722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=441722"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842","reference_id":"476842","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842"},{"reference_url":"https://security.gentoo.org/glsa/200804-18","reference_id":"GLSA-200804-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0238","reference_id":"RHSA-2008:0238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0239","reference_id":"RHSA-2008:0239","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0239"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0240","reference_id":"RHSA-2008:0240","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0240"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0262","reference_id":"RHSA-2008:0262","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0262"},{"reference_url":"https://usn.ubuntu.com/603-1/","reference_id":"USN-603-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/603-1/"},{"reference_url":"https://usn.ubuntu.com/603-2/","reference_id":"USN-603-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/603-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108232?format=json","purl":"pkg:deb/debian/xpdf@3.02?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2008-1693"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyvf-mkqj-suhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219312?format=json","vulnerability_id":"VCID-nzb1-9bxn-e7bn","summary":"XPDF commit ffaf11c was discovered to contain a floating point exception (FPE) via DCTStream::decodeImage() at /xpdf/Stream.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38230","reference_id":"","reference_type":"","scores":[{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19957","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38230"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38230"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nzb1-9bxn-e7bn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5921?format=json","vulnerability_id":"VCID-paak-ptzg-bug5","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10019","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39093","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10019"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://usn.ubuntu.com/4042-1/","reference_id":"USN-4042-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4042-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10019"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-paak-ptzg-bug5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183417?format=json","vulnerability_id":"VCID-pus9-7td3-tqag","summary":"Multiple vulnerabilities in Xpdf could result in execution of\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4035.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4035","reference_id":"","reference_type":"","scores":[{"value":"0.0245","scoring_system":"epss","scoring_elements":"0.85529","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=541614","reference_id":"541614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=541614"},{"reference_url":"https://security.gentoo.org/glsa/201402-17","reference_id":"GLSA-201402-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1680","reference_id":"RHSA-2009:1680","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1680"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1681","reference_id":"RHSA-2009:1681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1682","reference_id":"RHSA-2009:1682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1682"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108237?format=json","purl":"pkg:deb/debian/xpdf@3.01-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-4035"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pus9-7td3-tqag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175939?format=json","vulnerability_id":"VCID-pyx9-cgtr-4fhr","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0800.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0800","reference_id":"","reference_type":"","scores":[{"value":"0.08985","scoring_system":"epss","scoring_elements":"0.92793","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495887","reference_id":"495887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495887"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0800"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pyx9-cgtr-4fhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175934?format=json","vulnerability_id":"VCID-q4wu-g376-7ffd","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0147.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0147.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0147","reference_id":"","reference_type":"","scores":[{"value":"0.05325","scoring_system":"epss","scoring_elements":"0.90261","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=490614","reference_id":"490614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=490614"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/200904-20","reference_id":"GLSA-200904-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200904-20"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0147"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4wu-g376-7ffd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219313?format=json","vulnerability_id":"VCID-q9xt-8ks4-gqf7","summary":"XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar() at /xpdf/Stream.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38231","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16547","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38231"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38231"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q9xt-8ks4-gqf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199798?format=json","vulnerability_id":"VCID-qgxk-45jw-rufc","summary":"Buffer overflow in the Gfx::doImage function in Gfx.cc for xpdf 3.00, and other products that share code such as tetex-bin and kpdf in KDE 3.2.x to 3.2.3 and 3.3.x to 3.3.2, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PDF file that causes the boundaries of a maskColors array to be exceeded.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1125.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1125.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1125","reference_id":"","reference_type":"","scores":[{"value":"0.07314","scoring_system":"epss","scoring_elements":"0.91869","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1125"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1125","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1125"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617371","reference_id":"1617371","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617371"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:013","reference_id":"RHSA-2005:013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:018","reference_id":"RHSA-2005:018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:026","reference_id":"RHSA-2005:026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:034","reference_id":"RHSA-2005:034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:053","reference_id":"RHSA-2005:053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:057","reference_id":"RHSA-2005:057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:066","reference_id":"RHSA-2005:066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:354","reference_id":"RHSA-2005:354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:354"},{"reference_url":"https://usn.ubuntu.com/48-1/","reference_id":"USN-48-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/48-1/"},{"reference_url":"https://usn.ubuntu.com/50-1/","reference_id":"USN-50-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/50-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108225?format=json","purl":"pkg:deb/debian/xpdf@3.00-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.00-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2004-1125"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qgxk-45jw-rufc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175940?format=json","vulnerability_id":"VCID-qmrs-szxk-yqda","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1179.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1179.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1179","reference_id":"","reference_type":"","scores":[{"value":"0.27841","scoring_system":"epss","scoring_elements":"0.96572","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495889","reference_id":"495889","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495889"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1179"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmrs-szxk-yqda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185655?format=json","vulnerability_id":"VCID-qt66-s2v2-jyeg","summary":"Multiple vulnerabilities have been discovered in Xpdf, the worst of which could possibly lead to arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25725","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42358","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25725"},{"reference_url":"https://security.gentoo.org/glsa/202405-18","reference_id":"GLSA-202405-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2020-25725"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qt66-s2v2-jyeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/23498?format=json","vulnerability_id":"VCID-qw3k-s7wg-5fax","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3154","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25953","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3154"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.xpdfreader.com/security-bug/CVE-2025-3154.html","reference_id":"CVE-2025-3154.html","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-03T19:14:58Z/"}],"url":"https://www.xpdfreader.com/security-bug/CVE-2025-3154.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2025-3154"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qw3k-s7wg-5fax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12436?format=json","vulnerability_id":"VCID-r72s-may1-2kdu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41844","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20645","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41844"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.xpdfreader.com/download.html","reference_id":"download.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:41:18Z/"}],"url":"http://www.xpdfreader.com/download.html"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928","reference_id":"viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:41:18Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=1&t=42340&p=43928&hilit=gfseek#p43928"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844","reference_id":"viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-20T19:41:18Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?f=3&t=42308&p=43844&hilit=XRef%3A%3Afetch#p43844"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-41844"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r72s-may1-2kdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177634?format=json","vulnerability_id":"VCID-rgg8-3vq5-vqgv","summary":"Multiple vulnerabilities have been found in Xpdf, the worst of which could result in denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36561","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26685","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-36561"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-36561"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rgg8-3vq5-vqgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6327?format=json","vulnerability_id":"VCID-s8pw-2srr-bufx","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14290","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37327","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14290"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14290"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s8pw-2srr-bufx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219310?format=json","vulnerability_id":"VCID-sm8w-q5cs-zqab","summary":"XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38228","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38228"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38228"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sm8w-q5cs-zqab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175957?format=json","vulnerability_id":"VCID-spcn-1gwj-j7e7","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3704.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3704.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3704","reference_id":"","reference_type":"","scores":[{"value":"0.01262","scoring_system":"epss","scoring_elements":"0.79844","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3704"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165","reference_id":"599165","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=638960","reference_id":"638960","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=638960"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://security.gentoo.org/glsa/201402-17","reference_id":"GLSA-201402-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0749","reference_id":"RHSA-2010:0749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0751","reference_id":"RHSA-2010:0751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0752","reference_id":"RHSA-2010:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0753","reference_id":"RHSA-2010:0753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0859","reference_id":"RHSA-2010:0859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1005-1/","reference_id":"USN-1005-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1005-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108238?format=json","purl":"pkg:deb/debian/xpdf@3.02-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3704"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-spcn-1gwj-j7e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175958?format=json","vulnerability_id":"VCID-spsd-65hy-f3b1","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4653","reference_id":"","reference_type":"","scores":[{"value":"0.00782","scoring_system":"epss","scoring_elements":"0.74171","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4653"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=672165","reference_id":"672165","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=672165"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108238?format=json","purl":"pkg:deb/debian/xpdf@3.02-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2010-4653"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-spsd-65hy-f3b1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175933?format=json","vulnerability_id":"VCID-st7p-3r2b-bqgp","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0146.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0146.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0146","reference_id":"","reference_type":"","scores":[{"value":"0.0325","scoring_system":"epss","scoring_elements":"0.87413","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0146"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=490612","reference_id":"490612","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=490612"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/200904-20","reference_id":"GLSA-200904-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200904-20"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0146"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-st7p-3r2b-bqgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6548?format=json","vulnerability_id":"VCID-tq2r-3cp3-r7ev","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16927","reference_id":"","reference_type":"","scores":[{"value":"0.00164","scoring_system":"epss","scoring_elements":"0.37204","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16927"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.archlinux.org/ASA-201910-10","reference_id":"ASA-201910-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201910-10"},{"reference_url":"https://security.archlinux.org/AVG-1048","reference_id":"AVG-1048","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1048"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-16927"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tq2r-3cp3-r7ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219302?format=json","vulnerability_id":"VCID-tvsr-5qez-tbcb","summary":"There is an out-of-bounds read vulnerability in the function FlateStream::getChar() located at Stream.cc in Xpdf 4.01.01. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure or a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12515","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51661","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12515"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12515"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tvsr-5qez-tbcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175948?format=json","vulnerability_id":"VCID-tw79-8bxc-eyb8","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3604","reference_id":"","reference_type":"","scores":[{"value":"0.07495","scoring_system":"epss","scoring_elements":"0.91973","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526911","reference_id":"526911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526911"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1500","reference_id":"RHSA-2009:1500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108236?format=json","purl":"pkg:deb/debian/xpdf@3.02-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-3604"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tw79-8bxc-eyb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6331?format=json","vulnerability_id":"VCID-tymf-rhrr-1bgf","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14294","reference_id":"","reference_type":"","scores":[{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.41217","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14294"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14294"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tymf-rhrr-1bgf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176796?format=json","vulnerability_id":"VCID-u7rb-fd7b-yyfr","summary":"Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and\n    Poppler potentially resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3192.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3192","reference_id":"","reference_type":"","scores":[{"value":"0.12279","scoring_system":"epss","scoring_elements":"0.94021","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3192"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617797","reference_id":"1617797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617797"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281","reference_id":"342281","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288","reference_id":"342288","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288"},{"reference_url":"https://security.gentoo.org/glsa/200512-08","reference_id":"GLSA-200512-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200512-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:867","reference_id":"RHSA-2005:867","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:867"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:878","reference_id":"RHSA-2005:878","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:878"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://usn.ubuntu.com/227-1/","reference_id":"USN-227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/227-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108229?format=json","purl":"pkg:deb/debian/xpdf@3.01-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3192"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u7rb-fd7b-yyfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175937?format=json","vulnerability_id":"VCID-ueks-erqq-r7bx","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0195.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0195.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0195","reference_id":"","reference_type":"","scores":[{"value":"0.09017","scoring_system":"epss","scoring_elements":"0.92815","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0195"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0195"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=490612","reference_id":"490612","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=490612"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0195"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueks-erqq-r7bx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219303?format=json","vulnerability_id":"VCID-ueuu-jhpr-pffm","summary":"In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in FoFiType1C::convertToType0 in fofi/FoFiType1C.cc when it is trying to access the second privateDicts array element, because the privateDicts array has only one element allocated.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12958","reference_id":"","reference_type":"","scores":[{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40651","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12958"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12958"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ueuu-jhpr-pffm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6485?format=json","vulnerability_id":"VCID-ujd8-p9y4-23hk","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15860","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37327","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15860"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-15860"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ujd8-p9y4-23hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15568?format=json","vulnerability_id":"VCID-upmx-sq95-bubu","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3436","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05407","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-3436"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202409-25","reference_id":"GLSA-202409-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-25"},{"reference_url":"https://forum.xpdfreader.com/viewtopic.php?t=42618","reference_id":"viewtopic.php?t=42618","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:57:28Z/"}],"url":"https://forum.xpdfreader.com/viewtopic.php?t=42618"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2023-3436"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-upmx-sq95-bubu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199980?format=json","vulnerability_id":"VCID-v167-39ez-sye4","summary":"The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CVE-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0206.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0206.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0206","reference_id":"","reference_type":"","scores":[{"value":"0.06529","scoring_system":"epss","scoring_elements":"0.91327","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0206"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0206","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0206"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617493","reference_id":"1617493","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617493"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:034","reference_id":"RHSA-2005:034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:053","reference_id":"RHSA-2005:053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:057","reference_id":"RHSA-2005:057","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:057"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:132","reference_id":"RHSA-2005:132","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:132"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:213","reference_id":"RHSA-2005:213","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:213"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0206"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v167-39ez-sye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219304?format=json","vulnerability_id":"VCID-v1yj-y1gd-a7c1","summary":"In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service, an information leak, or possibly unspecified other impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13281","reference_id":"","reference_type":"","scores":[{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53728","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13281"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13281"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1yj-y1gd-a7c1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181856?format=json","vulnerability_id":"VCID-v23j-xjam-gqgh","summary":"Poppler is affected by a memory management issue, which could lead to the\n    execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2950.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2950.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2950","reference_id":"","reference_type":"","scores":[{"value":"0.12333","scoring_system":"epss","scoring_elements":"0.94034","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=454277","reference_id":"454277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=454277"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489756","reference_id":"489756","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489756"},{"reference_url":"https://security.gentoo.org/glsa/200807-04","reference_id":"GLSA-200807-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200807-04"},{"reference_url":"https://usn.ubuntu.com/631-1/","reference_id":"USN-631-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/631-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2008-2950"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v23j-xjam-gqgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181257?format=json","vulnerability_id":"VCID-vacp-4vnh-1qgh","summary":"KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n    making them vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3624.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3624","reference_id":"","reference_type":"","scores":[{"value":"0.07223","scoring_system":"epss","scoring_elements":"0.91806","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617826","reference_id":"1617826","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617826"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076","reference_id":"346076","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076"},{"reference_url":"https://security.gentoo.org/glsa/200601-02","reference_id":"GLSA-200601-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-02"},{"reference_url":"https://security.gentoo.org/glsa/200601-17","reference_id":"GLSA-200601-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:840","reference_id":"RHSA-2005:840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:868","reference_id":"RHSA-2005:868","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:868"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0160","reference_id":"RHSA-2006:0160","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0160"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0163","reference_id":"RHSA-2006:0163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0177","reference_id":"RHSA-2006:0177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0177"},{"reference_url":"https://usn.ubuntu.com/236-1/","reference_id":"USN-236-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-1/"},{"reference_url":"https://usn.ubuntu.com/236-2/","reference_id":"USN-236-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/236-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108230?format=json","purl":"pkg:deb/debian/xpdf@3.01-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2005-3624"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vacp-4vnh-1qgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185142?format=json","vulnerability_id":"VCID-w8vn-74c5-wygs","summary":"A vulnerability in Xpdf might allow local attackers to execute arbitrary\n    code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1144","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25609","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1144"},{"reference_url":"https://security.gentoo.org/glsa/200904-07","reference_id":"GLSA-200904-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200904-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1144"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w8vn-74c5-wygs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219309?format=json","vulnerability_id":"VCID-w8wy-q3fn-w3a9","summary":"XPDF commit ffaf11c was discovered to contain a stack overflow via __asan_memcpy at asan_interceptors_memintrinsics.cpp.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38227","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17373","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-38227"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2022-38227"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w8wy-q3fn-w3a9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175950?format=json","vulnerability_id":"VCID-wh95-wp75-43a8","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3606.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3606.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3606","reference_id":"","reference_type":"","scores":[{"value":"0.04772","scoring_system":"epss","scoring_elements":"0.89696","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526877","reference_id":"526877","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526877"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1500","reference_id":"RHSA-2009:1500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108236?format=json","purl":"pkg:deb/debian/xpdf@3.02-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-3606"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wh95-wp75-43a8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185544?format=json","vulnerability_id":"VCID-wrr1-g4pm-57am","summary":"Poppler and various KDE components are vulnerable to multiple memory\n    management issues possibly resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4352.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4352.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4352","reference_id":"","reference_type":"","scores":[{"value":"0.25229","scoring_system":"epss","scoring_elements":"0.96317","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-4352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=345101","reference_id":"345101","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=345101"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628","reference_id":"450628","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629","reference_id":"450629","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629"},{"reference_url":"https://security.gentoo.org/glsa/200711-22","reference_id":"GLSA-200711-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1021","reference_id":"RHSA-2007:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1022","reference_id":"RHSA-2007:1022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1024","reference_id":"RHSA-2007:1024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1025","reference_id":"RHSA-2007:1025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1026","reference_id":"RHSA-2007:1026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1027","reference_id":"RHSA-2007:1027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1029","reference_id":"RHSA-2007:1029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1030","reference_id":"RHSA-2007:1030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1030"},{"reference_url":"https://usn.ubuntu.com/542-1/","reference_id":"USN-542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-1/"},{"reference_url":"https://usn.ubuntu.com/542-2/","reference_id":"USN-542-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108234?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2007-4352"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wrr1-g4pm-57am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6252?format=json","vulnerability_id":"VCID-wsct-rhrp-t3bb","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13287","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42045","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13287"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13287"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wsct-rhrp-t3bb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6568?format=json","vulnerability_id":"VCID-xej1-5pk2-afe3","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17064","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59171","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17064"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-17064"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xej1-5pk2-afe3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6328?format=json","vulnerability_id":"VCID-xrz7-1hdv-bqa9","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14291","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37327","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14291"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14291"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xrz7-1hdv-bqa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6255?format=json","vulnerability_id":"VCID-xuwj-f4za-p3cd","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13291","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.47994","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13291"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13291"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xuwj-f4za-p3cd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219319?format=json","vulnerability_id":"VCID-y2us-2hx1-9khy","summary":"Buffer Overflow vulnerability found in XPDF v.4.04 allows an attacker to cause a Denial of Service via the PDFDoc malloc in the pdftotext.cc function. NOTE: Vendor states “it's an expected abort on out-of-memory error.”","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26930","reference_id":"","reference_type":"","scores":[{"value":"0.00145","scoring_system":"epss","scoring_elements":"0.34695","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26930"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2023-26930"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y2us-2hx1-9khy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175942?format=json","vulnerability_id":"VCID-y5se-1pkh-dfcb","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1181.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1181.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1181","reference_id":"","reference_type":"","scores":[{"value":"0.02433","scoring_system":"epss","scoring_elements":"0.85481","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1181"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495894","reference_id":"495894","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495894"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1181"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y5se-1pkh-dfcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175944?format=json","vulnerability_id":"VCID-ya2n-b2hz-n7dd","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1183.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1183","reference_id":"","reference_type":"","scores":[{"value":"0.01703","scoring_system":"epss","scoring_elements":"0.82712","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1183"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495899","reference_id":"495899","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495899"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809","reference_id":"524809","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0429","reference_id":"RHSA-2009:0429","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0429"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0430","reference_id":"RHSA-2009:0430","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0430"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0431","reference_id":"RHSA-2009:0431","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0431"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0458","reference_id":"RHSA-2009:0458","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108235?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.4%2Blenny1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.4%252Blenny1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-1183"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ya2n-b2hz-n7dd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202018?format=json","vulnerability_id":"VCID-ya37-d9z8-x3d6","summary":"zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, which allows remote attackers to delete arbitrary files via a crafted .pdf.gz file name.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2902","reference_id":"","reference_type":"","scores":[{"value":"0.00587","scoring_system":"epss","scoring_elements":"0.69575","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2902"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635849","reference_id":"635849","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635849"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108239?format=json","purl":"pkg:deb/debian/xpdf@3.02-19?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-19%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2902"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ya37-d9z8-x3d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6325?format=json","vulnerability_id":"VCID-yd9j-gf6b-gbfj","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14288","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42182","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14288"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-14288"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yd9j-gf6b-gbfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177647?format=json","vulnerability_id":"VCID-yggq-aec9-9yg3","summary":"Multiple vulnerabilities have been discovered in T1Lib, the worst\n    of which could lead to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0764.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0764","reference_id":"","reference_type":"","scores":[{"value":"0.28735","scoring_system":"epss","scoring_elements":"0.96654","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=692909","reference_id":"692909","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=692909"},{"reference_url":"https://security.gentoo.org/glsa/201701-57","reference_id":"GLSA-201701-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-57"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0062","reference_id":"RHSA-2012:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0137","reference_id":"RHSA-2012:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1316-1/","reference_id":"USN-1316-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1316-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108238?format=json","purl":"pkg:deb/debian/xpdf@3.02-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2011-0764"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yggq-aec9-9yg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175955?format=json","vulnerability_id":"VCID-yjj4-6g7g-6ueu","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3702.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3702.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3702","reference_id":"","reference_type":"","scores":[{"value":"0.0763","scoring_system":"epss","scoring_elements":"0.92061","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3702"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=595245","reference_id":"595245","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=595245"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165","reference_id":"599165","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://security.gentoo.org/glsa/201402-17","reference_id":"GLSA-201402-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0749","reference_id":"RHSA-2010:0749","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0749"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0750","reference_id":"RHSA-2010:0750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0751","reference_id":"RHSA-2010:0751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0752","reference_id":"RHSA-2010:0752","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0753","reference_id":"RHSA-2010:0753","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0754","reference_id":"RHSA-2010:0754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0755","reference_id":"RHSA-2010:0755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0755"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0859","reference_id":"RHSA-2010:0859","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0859"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1005-1/","reference_id":"USN-1005-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1005-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108238?format=json","purl":"pkg:deb/debian/xpdf@3.02-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3702"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yjj4-6g7g-6ueu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7366?format=json","vulnerability_id":"VCID-yqqe-j6k2-ckek","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9587","reference_id":"","reference_type":"","scores":[{"value":"0.00337","scoring_system":"epss","scoring_elements":"0.56908","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108227?format=json","purl":"pkg:deb/debian/xpdf@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2019-9587"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yqqe-j6k2-ckek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177650?format=json","vulnerability_id":"VCID-yt8e-94rc-g7hw","summary":"Multiple vulnerabilities have been discovered in T1Lib, the worst\n    of which could lead to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1554.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1554.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1554","reference_id":"","reference_type":"","scores":[{"value":"0.04256","scoring_system":"epss","scoring_elements":"0.89055","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=692856","reference_id":"692856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=692856"},{"reference_url":"https://security.gentoo.org/glsa/201701-57","reference_id":"GLSA-201701-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-57"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0062","reference_id":"RHSA-2012:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0137","reference_id":"RHSA-2012:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1335-1/","reference_id":"USN-1335-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1335-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108238?format=json","purl":"pkg:deb/debian/xpdf@3.02-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2011-1554"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yt8e-94rc-g7hw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177649?format=json","vulnerability_id":"VCID-z72y-7nh4-dkfh","summary":"Multiple vulnerabilities have been discovered in T1Lib, the worst\n    of which could lead to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1553.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1553.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1553","reference_id":"","reference_type":"","scores":[{"value":"0.03179","scoring_system":"epss","scoring_elements":"0.87245","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=692854","reference_id":"692854","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=692854"},{"reference_url":"https://security.gentoo.org/glsa/201701-57","reference_id":"GLSA-201701-57","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-57"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0062","reference_id":"RHSA-2012:0062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0137","reference_id":"RHSA-2012:0137","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0137"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1201","reference_id":"RHSA-2012:1201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1201"},{"reference_url":"https://usn.ubuntu.com/1335-1/","reference_id":"USN-1335-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1335-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108238?format=json","purl":"pkg:deb/debian/xpdf@3.02-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2011-1553"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z72y-7nh4-dkfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175947?format=json","vulnerability_id":"VCID-zkb3-cjh3-pqew","summary":"Multiple vulnerabilities have been found in Poppler, some of which\n    may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3603.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3603","reference_id":"","reference_type":"","scores":[{"value":"0.06276","scoring_system":"epss","scoring_elements":"0.91123","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526915","reference_id":"526915","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526915"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1504","reference_id":"RHSA-2009:1504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1504"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108236?format=json","purl":"pkg:deb/debian/xpdf@3.02-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2009-3603"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkb3-cjh3-pqew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181426?format=json","vulnerability_id":"VCID-zkqh-4s2u-87ha","summary":"KPdf includes vulnerable Xpdf code to handle PDF files, making it\n    vulnerable to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0301.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0301.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0301","reference_id":"","reference_type":"","scores":[{"value":"0.03084","scoring_system":"epss","scoring_elements":"0.87065","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617882","reference_id":"1617882","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617882"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350785","reference_id":"350785","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350785"},{"reference_url":"https://security.gentoo.org/glsa/200602-04","reference_id":"GLSA-200602-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-04"},{"reference_url":"https://security.gentoo.org/glsa/200602-05","reference_id":"GLSA-200602-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-05"},{"reference_url":"https://security.gentoo.org/glsa/200602-12","reference_id":"GLSA-200602-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0201","reference_id":"RHSA-2006:0201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0206","reference_id":"RHSA-2006:0206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0206"},{"reference_url":"https://usn.ubuntu.com/249-1/","reference_id":"USN-249-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/249-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108231?format=json","purl":"pkg:deb/debian/xpdf@3.01-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.01-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2006-0301"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkqh-4s2u-87ha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185546?format=json","vulnerability_id":"VCID-zmkr-y4ax-9ffc","summary":"Poppler and various KDE components are vulnerable to multiple memory\n    management issues possibly resulting in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5393.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5393.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5393","reference_id":"","reference_type":"","scores":[{"value":"0.14085","scoring_system":"epss","scoring_elements":"0.94518","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5393"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=345121","reference_id":"345121","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=345121"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628","reference_id":"450628","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629","reference_id":"450629","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629"},{"reference_url":"https://security.gentoo.org/glsa/200711-22","reference_id":"GLSA-200711-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1021","reference_id":"RHSA-2007:1021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1022","reference_id":"RHSA-2007:1022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1023","reference_id":"RHSA-2007:1023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1023"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1024","reference_id":"RHSA-2007:1024","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1025","reference_id":"RHSA-2007:1025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1025"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1026","reference_id":"RHSA-2007:1026","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1026"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1027","reference_id":"RHSA-2007:1027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1028","reference_id":"RHSA-2007:1028","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1028"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1029","reference_id":"RHSA-2007:1029","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1029"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1030","reference_id":"RHSA-2007:1030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1031","reference_id":"RHSA-2007:1031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1051","reference_id":"RHSA-2007:1051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1051"},{"reference_url":"https://usn.ubuntu.com/542-1/","reference_id":"USN-542-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-1/"},{"reference_url":"https://usn.ubuntu.com/542-2/","reference_id":"USN-542-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/542-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108234?format=json","purl":"pkg:deb/debian/xpdf@3.02-1.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.02-1.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108219?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20210103-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108217?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20220601-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20220601-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108221?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20250304-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20250304-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108220?format=json","purl":"pkg:deb/debian/xpdf@3.04%2Bgit20260220-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20260220-1%3Fdistro=trixie"}],"aliases":["CVE-2007-5393"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zmkr-y4ax-9ffc"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xpdf@3.04%252Bgit20210103-3%3Fdistro=trixie"}