{"url":"http://public2.vulnerablecode.io/api/packages/109597?format=json","purl":"pkg:rpm/redhat/libkdcraw@4.10.5-5?arch=el7","type":"rpm","namespace":"redhat","name":"libkdcraw","version":"4.10.5-5","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83595?format=json","vulnerability_id":"VCID-8g8a-1egc-pbhs","summary":"LibRaw: Stack-based buffer overflow in quicktake_100_load_raw() function in internal/dcraw_common.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5805.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5805.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5805","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.65977","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66047","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66015","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66064","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66077","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66096","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66083","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66053","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66088","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66102","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6609","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66111","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66122","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6612","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66098","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5805"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591887","reference_id":"1591887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591887"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3065","reference_id":"RHSA-2018:3065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3065"}],"fixed_packages":[],"aliases":["CVE-2018-5805"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8g8a-1egc-pbhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83702?format=json","vulnerability_id":"VCID-b7yv-7e6a-nfhy","summary":"LibRaw: Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5802.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5802.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5802","reference_id":"","reference_type":"","scores":[{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71509","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71516","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71533","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71506","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71546","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71558","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71581","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71565","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71593","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71598","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71577","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71628","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71633","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71637","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00679","scoring_system":"epss","scoring_elements":"0.71622","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5802"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553335","reference_id":"1553335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3065","reference_id":"RHSA-2018:3065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3065"},{"reference_url":"https://usn.ubuntu.com/3615-1/","reference_id":"USN-3615-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3615-1/"}],"fixed_packages":[],"aliases":["CVE-2018-5802"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b7yv-7e6a-nfhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83700?format=json","vulnerability_id":"VCID-k9d9-tfcf-byf3","summary":"LibRaw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5800.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5800","reference_id":"","reference_type":"","scores":[{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.80946","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.80955","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.80977","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.80976","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81004","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81011","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81027","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81014","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81006","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81044","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81045","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81043","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81066","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81074","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81082","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01483","scoring_system":"epss","scoring_elements":"0.81097","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5800"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553332","reference_id":"1553332","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553332"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3065","reference_id":"RHSA-2018:3065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3065"},{"reference_url":"https://usn.ubuntu.com/3615-1/","reference_id":"USN-3615-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3615-1/"}],"fixed_packages":[],"aliases":["CVE-2018-5800"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k9d9-tfcf-byf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83596?format=json","vulnerability_id":"VCID-knwc-32r8-b7cu","summary":"LibRaw: NULL pointer dereference in leaf_hdr_load_raw() function in internal/dcraw_common.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5806.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5806","reference_id":"","reference_type":"","scores":[{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.59951","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60029","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60053","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60024","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60074","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60088","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60109","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0039","scoring_system":"epss","scoring_elements":"0.60094","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66363","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66314","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66349","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66365","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.6635","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66372","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66387","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5806"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591897","reference_id":"1591897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1591897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3065","reference_id":"RHSA-2018:3065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3065"}],"fixed_packages":[],"aliases":["CVE-2018-5806"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-knwc-32r8-b7cu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83701?format=json","vulnerability_id":"VCID-nnw4-axam-qbb2","summary":"LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5801.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5801","reference_id":"","reference_type":"","scores":[{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78092","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78101","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78131","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78113","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.7814","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78146","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78171","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01111","scoring_system":"epss","scoring_elements":"0.78153","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01527","scoring_system":"epss","scoring_elements":"0.8138","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01527","scoring_system":"epss","scoring_elements":"0.81289","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01527","scoring_system":"epss","scoring_elements":"0.81326","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01527","scoring_system":"epss","scoring_elements":"0.81329","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01527","scoring_system":"epss","scoring_elements":"0.81328","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01527","scoring_system":"epss","scoring_elements":"0.81351","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01527","scoring_system":"epss","scoring_elements":"0.81358","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01527","scoring_system":"epss","scoring_elements":"0.81364","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5801"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5801","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5801"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553334","reference_id":"1553334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1553334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3065","reference_id":"RHSA-2018:3065","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:3065"},{"reference_url":"https://usn.ubuntu.com/3615-1/","reference_id":"USN-3615-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3615-1/"}],"fixed_packages":[],"aliases":["CVE-2018-5801"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nnw4-axam-qbb2"}],"fixing_vulnerabilities":[],"risk_score":"3.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libkdcraw@4.10.5-5%3Farch=el7"}