{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","type":"alpm","namespace":"archlinux","name":"cgal","version":"5.4-1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152452?format=json","vulnerability_id":"VCID-1v62-5msy-kydm","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->prev().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28633","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28633"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:31Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:31Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:31Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28633"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1v62-5msy-kydm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152426?format=json","vulnerability_id":"VCID-47jt-53yp-z7df","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_face().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28606","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28606"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28606","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28606"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:01Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:01Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:01Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28606"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47jt-53yp-z7df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152458?format=json","vulnerability_id":"VCID-5hrs-tsbe-d7bv","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->incident_sface().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28632","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28632"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:35Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:35Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:35Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28632"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5hrs-tsbe-d7bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178530?format=json","vulnerability_id":"VCID-5qbg-zchp-mqha","summary":"Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28627","reference_id":"","reference_type":"","scores":[{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.68041","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.68128","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28627"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28627","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28627"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28627"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qbg-zchp-mqha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152440?format=json","vulnerability_id":"VCID-5xhh-emp6-8bb7","summary":"A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious input to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28601","reference_id":"","reference_type":"","scores":[{"value":"0.04334","scoring_system":"epss","scoring_elements":"0.89159","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04334","scoring_system":"epss","scoring_elements":"0.89197","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28601"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:52Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/","reference_id":"E4J344OKKDLPRN422OYRR46HDEN6MM6P","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:52Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html","reference_id":"msg00002.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:52Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:52Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/","reference_id":"NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:52Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:52Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28601"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xhh-emp6-8bb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152421?format=json","vulnerability_id":"VCID-6ccw-jda5-1qc4","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->incident_sface().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28622","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69057","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28622"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:08Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:08Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28622"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ccw-jda5-1qc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152930?format=json","vulnerability_id":"VCID-6xzv-af57-uub8","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sloop() slh->facet().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35629","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35629"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:21Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:21Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-35629"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xzv-af57-uub8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152465?format=json","vulnerability_id":"VCID-7x74-273g-fycv","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_next().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28604","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28604"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:08Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:08Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28604"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7x74-273g-fycv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152445?format=json","vulnerability_id":"VCID-8k9k-z3gy-4bh7","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SM_io_parser.h SM_io_parser<Decorator_>::read_vertex() set_first_out_edge().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28611","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28611"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28611","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28611"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:41Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:41Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:41Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28611"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8k9k-z3gy-4bh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152446?format=json","vulnerability_id":"VCID-8ukk-wsua-e7gp","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfloop().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28618","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69057","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28618"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:21Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:21Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28618"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8ukk-wsua-e7gp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152424?format=json","vulnerability_id":"VCID-b556-rp7k-dkb2","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfedges_begin().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28614","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28614"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28614","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28614"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:30Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:30Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:30Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28614"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b556-rp7k-dkb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152433?format=json","vulnerability_id":"VCID-b8rz-afuw-zyc4","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SM_io_parser.h SM_io_parser<Decorator_>::read_vertex() set_face().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28610","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28610"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28610","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28610"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:45Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:45Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:45Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28610"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b8rz-afuw-zyc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152436?format=json","vulnerability_id":"VCID-bbpd-tp7g-dygk","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SLoop_of.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28625","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28625"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28625"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:59Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:59Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:59Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28625"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bbpd-tp7g-dygk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152455?format=json","vulnerability_id":"VCID-bdbz-7m4g-4bga","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->source().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28631","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28631","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28631"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:40Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:40Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:40Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28631"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bdbz-7m4g-4bga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152929?format=json","vulnerability_id":"VCID-byw6-fpja-9bf9","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->center_vertex().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35630","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35630"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35630"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:17Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:17Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-35630"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-byw6-fpja-9bf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178532?format=json","vulnerability_id":"VCID-cbam-g5vu-sucu","summary":"Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35634","reference_id":"","reference_type":"","scores":[{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.6074","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60845","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35634"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-35634"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cbam-g5vu-sucu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152432?format=json","vulnerability_id":"VCID-dfsy-ajts-e3ar","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() store_iv().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28609","reference_id":"","reference_type":"","scores":[{"value":"0.00612","scoring_system":"epss","scoring_elements":"0.70307","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00612","scoring_system":"epss","scoring_elements":"0.70397","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28609"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28609","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28609"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:49Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28609"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dfsy-ajts-e3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152935?format=json","vulnerability_id":"VCID-drg4-bbdh-qkgt","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() sfh->boundary_entry_objects Edge_of.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35632","reference_id":"","reference_type":"","scores":[{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60467","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60573","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35632"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:09Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:09Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:09Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-35632"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-drg4-bbdh-qkgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152466?format=json","vulnerability_id":"VCID-dx7j-g25p-bye3","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() store_fc().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28608","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28608"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:53Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:53Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28608"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dx7j-g25p-bye3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152933?format=json","vulnerability_id":"VCID-ga45-s4g1-gkeb","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() SD.link_as_face_cycle().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35631","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35631","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35631"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:14Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:14Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:14Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-35631"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ga45-s4g1-gkeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152462?format=json","vulnerability_id":"VCID-hfth-rj7c-xfh8","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->svertices_begin().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28612","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28612"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28612","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28612"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:37Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:37Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28612"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hfth-rj7c-xfh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152932?format=json","vulnerability_id":"VCID-hu7g-wgvs-c7fs","summary":"A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious input to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35628","reference_id":"","reference_type":"","scores":[{"value":"0.04334","scoring_system":"epss","scoring_elements":"0.89197","published_at":"2026-06-12T12:55:00Z"},{"value":"0.04334","scoring_system":"epss","scoring_elements":"0.89159","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35628"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:46Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/","reference_id":"E4J344OKKDLPRN422OYRR46HDEN6MM6P","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:46Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html","reference_id":"msg00002.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/","reference_id":"NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:46Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:46Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-35628"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hu7g-wgvs-c7fs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178528?format=json","vulnerability_id":"VCID-jwve-yayd-xuax","summary":"Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28603","reference_id":"","reference_type":"","scores":[{"value":"0.0069","scoring_system":"epss","scoring_elements":"0.72283","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0069","scoring_system":"epss","scoring_elements":"0.72365","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28603"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28603"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jwve-yayd-xuax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152443?format=json","vulnerability_id":"VCID-kjje-nnny-nkfh","summary":"A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin() An attacker can provide malicious input to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28636","reference_id":"","reference_type":"","scores":[{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.86278","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02709","scoring_system":"epss","scoring_elements":"0.86228","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28636"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28636","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28636"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:49Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/","reference_id":"E4J344OKKDLPRN422OYRR46HDEN6MM6P","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:49Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E4J344OKKDLPRN422OYRR46HDEN6MM6P/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html","reference_id":"msg00002.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/05/msg00002.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/","reference_id":"NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:49Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NB5SF5OJR2DSV7CC6U7FVW5VJSJO5EKV/"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:07:49Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28636"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kjje-nnny-nkfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152937?format=json","vulnerability_id":"VCID-mbtc-gjj1-c7fm","summary":"A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() store_sm_boundary_item() Edge_of.A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35633","reference_id":"","reference_type":"","scores":[{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.6074","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00394","scoring_system":"epss","scoring_elements":"0.60845","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35633"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:21Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:21Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:21Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-35633"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mbtc-gjj1-c7fm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152430?format=json","vulnerability_id":"VCID-n8j6-uaua-mkew","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->snext().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28630","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28630"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28630","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28630"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:45Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:45Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:45Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28630"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n8j6-uaua-mkew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152450?format=json","vulnerability_id":"VCID-nfs6-ey4y-53av","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->next().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28634","reference_id":"","reference_type":"","scores":[{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.72105","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00682","scoring_system":"epss","scoring_elements":"0.72188","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28634"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:26Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:26Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:26Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28634"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nfs6-ey4y-53av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152441?format=json","vulnerability_id":"VCID-pbag-t9hq-77e8","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->sfaces_begin().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28616","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69057","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28616"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28616"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:24Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:24Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:24Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28616"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pbag-t9hq-77e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152442?format=json","vulnerability_id":"VCID-ppgk-fkft-yqdk","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->boundary_entry_objects SEdge_of.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28624","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28624"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:02Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:02Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:02Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28624"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppgk-fkft-yqdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152460?format=json","vulnerability_id":"VCID-q542-gxfb-cbfr","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->center_vertex():.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28620","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69057","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28620"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:14Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:14Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:14Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28620"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q542-gxfb-cbfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152420?format=json","vulnerability_id":"VCID-qmnv-myks-jfga","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->svertices_last().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28613","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28613"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:33Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:33Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:33Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28613"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmnv-myks-jfga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152449?format=json","vulnerability_id":"VCID-r62y-y9ew-bycm","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->out_sedge().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28621","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69057","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28621"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:11Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:11Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:11Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28621"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r62y-y9ew-bycm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152469?format=json","vulnerability_id":"VCID-rtf3-vcdd-ykg8","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_hedge() e->set_vertex().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28605","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28605"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28605","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28605"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:05Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:05Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28605"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rtf3-vcdd-ykg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152444?format=json","vulnerability_id":"VCID-rw62-qt2f-dbgc","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_vertex() vh->shalfedges_last().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28615","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69057","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28615"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:27Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:27Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:27Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28615"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rw62-qt2f-dbgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152467?format=json","vulnerability_id":"VCID-sgps-1vbn-d3fd","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sedge() seh->sprev().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28629","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28629"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:22Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:22Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-15T18:20:22Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28629"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sgps-1vbn-d3fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152425?format=json","vulnerability_id":"VCID-txpn-2b4v-vyee","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->twin().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28623","reference_id":"","reference_type":"","scores":[{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.6909","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.69182","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28623"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:05Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:05Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:05Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28623"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txpn-2b4v-vyee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178531?format=json","vulnerability_id":"VCID-v8r1-r7k9-2ydf","summary":"Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28635","reference_id":"","reference_type":"","scores":[{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.68159","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00543","scoring_system":"epss","scoring_elements":"0.68247","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28635"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28635","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28635"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28635"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v8r1-r7k9-2ydf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152463?format=json","vulnerability_id":"VCID-vnzy-9vk8-aya3","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_face() set_halfedge().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28607","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28607"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:57Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:57Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:57Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28607"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vnzy-9vk8-aya3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178529?format=json","vulnerability_id":"VCID-vrjm-95g1-zyfg","summary":"Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28617","reference_id":"","reference_type":"","scores":[{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.69317","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.69409","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28617"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28617","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28617"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28617"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vrjm-95g1-zyfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152447?format=json","vulnerability_id":"VCID-w6yt-asz5-23eb","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_volume() seh->twin().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28628","reference_id":"","reference_type":"","scores":[{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67642","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00529","scoring_system":"epss","scoring_elements":"0.67731","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28628"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:49Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:49Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28628"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w6yt-asz5-23eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152456?format=json","vulnerability_id":"VCID-wjde-kudm-xyhm","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_facet() fh->incident_volume().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28626","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69057","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28626"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28626","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28626"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:54Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:10:54Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28626"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wjde-kudm-xyhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152928?format=json","vulnerability_id":"VCID-wm3e-84kd-dyha","summary":"A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35636","reference_id":"","reference_type":"","scores":[{"value":"0.01211","scoring_system":"epss","scoring_elements":"0.79393","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01211","scoring_system":"epss","scoring_elements":"0.79459","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35636"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35636","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35636"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:24Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:24Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:24Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-35636"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wm3e-84kd-dyha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178533?format=json","vulnerability_id":"VCID-yz99-gfqb-k7f7","summary":"Multiple vulnerabilities have been found in CGAL, the worst of which could result in arbitrary code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35635","reference_id":"","reference_type":"","scores":[{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75717","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00875","scoring_system":"epss","scoring_elements":"0.75787","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35635"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35635","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35635"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-35635"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yz99-gfqb-k7f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152451?format=json","vulnerability_id":"VCID-z77e-dqh9-gufu","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_edge() eh->twin().","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28619","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69057","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28619"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:18Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:18Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:11:18Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28619"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z77e-dqh9-gufu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/152448?format=json","vulnerability_id":"VCID-zevk-1517-x3ht","summary":"Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confusion, which could lead to code execution. An attacker can provide malicious input to trigger any of these vulnerabilities. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser<PMDEC>::read_vertex() Halfedge_of[].","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28602","reference_id":"","reference_type":"","scores":[{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72014","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00678","scoring_system":"epss","scoring_elements":"0.72098","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28602"},{"reference_url":"https://security.gentoo.org/glsa/202305-34","reference_id":"202305-34","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:12Z/"}],"url":"https://security.gentoo.org/glsa/202305-34"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671","reference_id":"985671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985671"},{"reference_url":"https://security.archlinux.org/AVG-1643","reference_id":"AVG-1643","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1643"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html","reference_id":"msg00011.html","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/12/msg00011.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225","reference_id":"TALOS-2020-1225","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-04-23T13:12:12Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/10843?format=json","purl":"pkg:alpm/archlinux/cgal@5.4-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}],"aliases":["CVE-2020-28602"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zevk-1517-x3ht"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/cgal@5.4-1"}