{"url":"http://public2.vulnerablecode.io/api/packages/115014?format=json","purl":"pkg:rpm/redhat/libtiff@3.9.4-18?arch=el6_8","type":"rpm","namespace":"redhat","name":"libtiff","version":"3.9.4-18","qualifiers":{"arch":"el6_8"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58077?format=json","vulnerability_id":"VCID-1ecn-xrs5-hubq","summary":"security update","references":[{"reference_url":"http://openwall.com/lists/oss-security/2015/01/24/16","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2015/01/24/16"},{"reference_url":"http://openwall.com/lists/oss-security/2015/02/07/5","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2015/02/07/5"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1547.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1547.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1547","reference_id":"","reference_type":"","scores":[{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.8901","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.8911","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89099","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89102","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89018","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89034","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89036","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89054","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89058","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.8907","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89066","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89064","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89079","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89078","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89074","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89093","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"http://www.debian.org/security/2016/dsa-3467","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3467"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/73438","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/73438"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190709","reference_id":"1190709","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190709"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777390","reference_id":"777390","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777390"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1547","reference_id":"CVE-2015-1547","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-1547"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[],"aliases":["CVE-2015-1547"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ecn-xrs5-hubq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60981?format=json","vulnerability_id":"VCID-5h29-wne5-gbd7","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"http://packetstormsecurity.com/files/135080/libtiff-4.0.6-Heap-Overflow.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/135080/libtiff-4.0.6-Heap-Overflow.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8668.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8668.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8668","reference_id":"","reference_type":"","scores":[{"value":"0.0671","scoring_system":"epss","scoring_elements":"0.91305","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0671","scoring_system":"epss","scoring_elements":"0.91279","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0671","scoring_system":"epss","scoring_elements":"0.91278","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0671","scoring_system":"epss","scoring_elements":"0.91281","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0671","scoring_system":"epss","scoring_elements":"0.91291","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0671","scoring_system":"epss","scoring_elements":"0.91289","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07386","scoring_system":"epss","scoring_elements":"0.91697","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07386","scoring_system":"epss","scoring_elements":"0.91702","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07386","scoring_system":"epss","scoring_elements":"0.9171","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07386","scoring_system":"epss","scoring_elements":"0.91723","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07386","scoring_system":"epss","scoring_elements":"0.91729","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07386","scoring_system":"epss","scoring_elements":"0.91732","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07386","scoring_system":"epss","scoring_elements":"0.91734","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07386","scoring_system":"epss","scoring_elements":"0.9173","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07386","scoring_system":"epss","scoring_elements":"0.91688","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8668"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/archive/1/537208/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/537208/100/0/threaded"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294425","reference_id":"1294425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294425"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842046","reference_id":"842046","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842046"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_server:3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8668","reference_id":"CVE-2015-8668","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8668"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[],"aliases":["CVE-2015-8668"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5h29-wne5-gbd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60982?format=json","vulnerability_id":"VCID-81ew-t25a-f7gq","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8683.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8683.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8683","reference_id":"","reference_type":"","scores":[{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43074","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42837","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43186","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43118","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43053","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43055","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42972","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43132","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43159","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43098","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43163","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43184","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43136","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43196","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3467","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3467"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/25/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/25/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/26/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/26/1"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/79718","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/79718"},{"reference_url":"http://www.securitytracker.com/id/1035508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035508"},{"reference_url":"http://www.ubuntu.com/usn/USN-2939-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2939-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294427","reference_id":"1294427","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294427"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809021","reference_id":"809021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809021"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8683","reference_id":"CVE-2015-8683","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8683"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2939-1/","reference_id":"USN-2939-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2939-1/"}],"fixed_packages":[],"aliases":["CVE-2015-8683"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81ew-t25a-f7gq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60986?format=json","vulnerability_id":"VCID-8f48-6u7s-xyht","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"http://bugzilla.maptools.org/show_bug.cgi?id=2508","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.maptools.org/show_bug.cgi?id=2508"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8784.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8784","reference_id":"","reference_type":"","scores":[{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81194","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81346","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81317","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81324","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81329","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81203","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81226","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81254","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81259","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81265","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81258","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81294","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81296","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01522","scoring_system":"epss","scoring_elements":"0.81295","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/vadz/libtiff/commit/b18012dae552f85dcc5c57d3bf4e997a15b1cc1c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/vadz/libtiff/commit/b18012dae552f85dcc5c57d3bf4e997a15b1cc1c"},{"reference_url":"http://www.debian.org/security/2016/dsa-3467","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3467"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/24/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/24/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/24/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/24/8"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/81696","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81696"},{"reference_url":"http://www.ubuntu.com/usn/USN-2939-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2939-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301652","reference_id":"1301652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301652"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8784","reference_id":"CVE-2015-8784","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8784"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2939-1/","reference_id":"USN-2939-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2939-1/"}],"fixed_packages":[],"aliases":["CVE-2015-8784"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8f48-6u7s-xyht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60985?format=json","vulnerability_id":"VCID-8kgw-n4zx-uqa8","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"http://bugzilla.maptools.org/show_bug.cgi?id=2522","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.maptools.org/show_bug.cgi?id=2522"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8783.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8783","reference_id":"","reference_type":"","scores":[{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70931","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71061","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.7107","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71079","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70942","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70959","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70934","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70976","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70992","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71015","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70999","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.70982","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71029","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71036","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"http://www.debian.org/security/2016/dsa-3467","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3467"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/24/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/24/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/24/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/24/7"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/81730","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81730"},{"reference_url":"http://www.ubuntu.com/usn/USN-2939-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2939-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649","reference_id":"1301649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8783","reference_id":"CVE-2015-8783","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8783"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2939-1/","reference_id":"USN-2939-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2939-1/"}],"fixed_packages":[],"aliases":["CVE-2015-8783"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8kgw-n4zx-uqa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60980?format=json","vulnerability_id":"VCID-gp1w-v49g-j3aw","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8665.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8665.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8665","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43179","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.42945","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43287","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43223","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43157","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43158","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43078","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43235","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43264","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43201","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43253","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43265","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43286","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43238","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43298","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3467","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3467"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/24/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/24/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/24/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/24/4"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/79728","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/79728"},{"reference_url":"http://www.securitytracker.com/id/1035508","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035508"},{"reference_url":"http://www.ubuntu.com/usn/USN-2939-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2939-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294444","reference_id":"1294444","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294444"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808968","reference_id":"808968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808968"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8665","reference_id":"CVE-2015-8665","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8665"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2939-1/","reference_id":"USN-2939-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2939-1/"}],"fixed_packages":[],"aliases":["CVE-2015-8665"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gp1w-v49g-j3aw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58076?format=json","vulnerability_id":"VCID-gsfh-epay-ckgk","summary":"security update","references":[{"reference_url":"http://openwall.com/lists/oss-security/2015/02/07/5","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2015/02/07/5"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9655.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9655.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9655","reference_id":"","reference_type":"","scores":[{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78037","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78186","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.7816","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78173","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78045","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78074","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78057","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78083","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78087","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78113","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78096","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78093","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78128","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78127","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.7812","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78154","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"http://www.debian.org/security/2015/dsa-3273","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2015/dsa-3273"},{"reference_url":"http://www.debian.org/security/2016/dsa-3467","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3467"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190703","reference_id":"1190703","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190703"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777390","reference_id":"777390","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777390"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:remotesensing:libtiff:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:remotesensing:libtiff:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:remotesensing:libtiff:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9655","reference_id":"CVE-2014-9655","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9655"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2553-1/","reference_id":"USN-2553-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2553-1/"}],"fixed_packages":[],"aliases":["CVE-2014-9655"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gsfh-epay-ckgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60983?format=json","vulnerability_id":"VCID-mb38-6e5v-fbah","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"http://bugzilla.maptools.org/show_bug.cgi?id=2522#c0","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.maptools.org/show_bug.cgi?id=2522#c0"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8781.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8781.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8781","reference_id":"","reference_type":"","scores":[{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.83955","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84107","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84076","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84082","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84086","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.8397","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.83985","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.83989","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84012","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84018","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84035","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84029","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84024","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84047","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.84049","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02089","scoring_system":"epss","scoring_elements":"0.8405","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2016/dsa-3467","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3467"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/24/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/24/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/24/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/24/7"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/81730","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81730"},{"reference_url":"http://www.ubuntu.com/usn/USN-2939-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2939-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649","reference_id":"1301649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8781","reference_id":"CVE-2015-8781","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8781"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2939-1/","reference_id":"USN-2939-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2939-1/"}],"fixed_packages":[],"aliases":["CVE-2015-8781"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mb38-6e5v-fbah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61000?format=json","vulnerability_id":"VCID-mqad-tkgf-r3ag","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3945.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3945","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36541","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36111","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36345","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36315","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36229","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36712","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36744","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36581","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36634","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36651","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3666","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36625","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.366","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36645","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36628","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36569","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325093","reference_id":"1325093","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325093"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-4/","reference_id":"USN-3212-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-4/"}],"fixed_packages":[],"aliases":["CVE-2016-3945"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mqad-tkgf-r3ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60984?format=json","vulnerability_id":"VCID-n614-w2nh-rqbe","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"http://bugzilla.maptools.org/show_bug.cgi?id=2522","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.maptools.org/show_bug.cgi?id=2522"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8782.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8782","reference_id":"","reference_type":"","scores":[{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.8139","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81547","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81526","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.8153","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81399","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81422","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81421","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81449","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81454","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81476","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81463","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81457","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81494","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81495","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81496","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01557","scoring_system":"epss","scoring_elements":"0.81518","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"http://www.debian.org/security/2016/dsa-3467","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3467"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/24/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/24/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/01/24/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/01/24/7"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/bid/81730","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/81730"},{"reference_url":"http://www.ubuntu.com/usn/USN-2939-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2939-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649","reference_id":"1301649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8782","reference_id":"CVE-2015-8782","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-8782"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2939-1/","reference_id":"USN-2939-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2939-1/"}],"fixed_packages":[],"aliases":["CVE-2015-8782"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n614-w2nh-rqbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60979?format=json","vulnerability_id":"VCID-nyjs-ay8u-13gx","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00078.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00078.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00081.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00081.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00100.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-01/msg00100.html"},{"reference_url":"http://packetstormsecurity.com/files/135078/libtiff-4.0.6-Invalid-Write.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/135078/libtiff-4.0.6-Invalid-Write.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1546.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-1547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7554.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7554.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7554","reference_id":"","reference_type":"","scores":[{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.8155","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.8171","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81656","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.8168","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81689","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81693","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81562","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81584","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81582","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81609","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81614","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81635","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81622","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81652","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7554"},{"reference_url":"http://seclists.org/fulldisclosure/2015/Dec/119","reference_id":"","reference_type":"","scores":[],"url":"http://seclists.org/fulldisclosure/2015/Dec/119"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/12/26/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2015/12/26/7"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"},{"reference_url":"http://www.securityfocus.com/archive/1/537205/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/537205/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/79699","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/79699"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294417","reference_id":"1294417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294417"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809066","reference_id":"809066","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809066"},{"reference_url":"https://security.archlinux.org/ASA-201707-17","reference_id":"ASA-201707-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-17"},{"reference_url":"https://security.archlinux.org/ASA-201707-18","reference_id":"ASA-201707-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-18"},{"reference_url":"https://security.archlinux.org/AVG-5","reference_id":"AVG-5","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-5"},{"reference_url":"https://security.archlinux.org/AVG-87","reference_id":"AVG-87","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-87"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7554","reference_id":"CVE-2015-7554","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-7554"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[],"aliases":["CVE-2015-7554"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nyjs-ay8u-13gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61002?format=json","vulnerability_id":"VCID-pczq-1huj-p7hf","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3991.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3991.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3991","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63271","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63378","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63395","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63408","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63405","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63331","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63358","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63324","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63375","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63393","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.6341","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63357","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63392","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.634","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63377","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326249","reference_id":"1326249","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326249"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[],"aliases":["CVE-2016-3991"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pczq-1huj-p7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58071?format=json","vulnerability_id":"VCID-pf5w-eted-9kc9","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8127.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8127.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8127","reference_id":"","reference_type":"","scores":[{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67455","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67563","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67587","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67589","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67491","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67512","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.6749","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67541","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67556","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67578","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67564","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67531","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67566","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67579","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67558","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00537","scoring_system":"epss","scoring_elements":"0.67577","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185805","reference_id":"1185805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185805"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185","reference_id":"776185","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2553-1/","reference_id":"USN-2553-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2553-1/"}],"fixed_packages":[],"aliases":["CVE-2014-8127"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pf5w-eted-9kc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61010?format=json","vulnerability_id":"VCID-qa3t-c5ua-mfdy","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5320.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5320.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346687","reference_id":"1346687","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346687"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"}],"fixed_packages":[],"aliases":["CVE-2016-5320"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qa3t-c5ua-mfdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61001?format=json","vulnerability_id":"VCID-s7s4-ux2t-3yc5","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3990.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3990.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3990","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63378","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63357","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63392","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.634","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63377","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63395","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63408","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63405","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63375","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63393","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.6341","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64293","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64322","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64279","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00464","scoring_system":"epss","scoring_elements":"0.64236","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326246","reference_id":"1326246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836570","reference_id":"836570","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836570"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[],"aliases":["CVE-2016-3990"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7s4-ux2t-3yc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60996?format=json","vulnerability_id":"VCID-u1mj-pxtw-7qet","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3632.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3632.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3632","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66461","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66583","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66594","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66609","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.6661","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.665","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66526","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66497","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66545","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66559","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66578","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66566","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66534","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.6657","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66587","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3632"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325095","reference_id":"1325095","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325095"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[],"aliases":["CVE-2016-3632"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1mj-pxtw-7qet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60977?format=json","vulnerability_id":"VCID-vn6c-kuq7-k3hv","summary":"Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8130.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8130.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8130","reference_id":"","reference_type":"","scores":[{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.83896","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.84049","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.84025","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.84028","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.83911","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.83928","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.8393","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.83954","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.83961","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.83976","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.8397","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.83966","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.8399","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.83991","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.84018","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8130"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185817","reference_id":"1185817","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185817"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185","reference_id":"776185","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2553-1/","reference_id":"USN-2553-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2553-1/"}],"fixed_packages":[],"aliases":["CVE-2014-8130"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vn6c-kuq7-k3hv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58075?format=json","vulnerability_id":"VCID-vv32-13t8-1fht","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9330.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9330","reference_id":"","reference_type":"","scores":[{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.78622","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.78629","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.78659","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.7864","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.78666","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.78673","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.78697","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.78679","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.78672","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01171","scoring_system":"epss","scoring_elements":"0.787","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01351","scoring_system":"epss","scoring_elements":"0.80128","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01351","scoring_system":"epss","scoring_elements":"0.8013","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01351","scoring_system":"epss","scoring_elements":"0.80157","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01351","scoring_system":"epss","scoring_elements":"0.80164","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01351","scoring_system":"epss","scoring_elements":"0.80178","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01351","scoring_system":"epss","scoring_elements":"0.80193","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1177893","reference_id":"1177893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1177893"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773987","reference_id":"773987","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773987"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2553-1/","reference_id":"USN-2553-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2553-1/"}],"fixed_packages":[],"aliases":["CVE-2014-9330"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vv32-13t8-1fht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58074?format=json","vulnerability_id":"VCID-z17v-aeta-1qb7","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8129.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8129.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8129","reference_id":"","reference_type":"","scores":[{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80798","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80808","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80829","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80825","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80853","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80861","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80877","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80863","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80855","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80893","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80895","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80896","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80917","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80924","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80936","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.80952","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185815","reference_id":"1185815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185815"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185","reference_id":"776185","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/2553-1/","reference_id":"USN-2553-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2553-1/"}],"fixed_packages":[],"aliases":["CVE-2014-8129"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z17v-aeta-1qb7"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libtiff@3.9.4-18%3Farch=el6_8"}