{"url":"http://public2.vulnerablecode.io/api/packages/119219?format=json","purl":"pkg:rpm/redhat/libXfont@1.4.5-5?arch=el6_7","type":"rpm","namespace":"redhat","name":"libXfont","version":"1.4.5-5","qualifiers":{"arch":"el6_7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56199?format=json","vulnerability_id":"VCID-19c4-kwxh-kybw","summary":"Multiple vulnerabilities have been found in libXfont, the worst of\n    which could result in execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1804.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1804","reference_id":"","reference_type":"","scores":[{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84673","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84689","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84709","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84711","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84733","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.8474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84758","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84753","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84747","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84769","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.8477","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84768","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84794","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84804","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84819","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84845","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84862","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84858","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02304","scoring_system":"epss","scoring_elements":"0.84873","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1203719","reference_id":"1203719","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1203719"},{"reference_url":"https://security.gentoo.org/glsa/201507-21","reference_id":"GLSA-201507-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1708","reference_id":"RHSA-2015:1708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1708"},{"reference_url":"https://usn.ubuntu.com/2536-1/","reference_id":"USN-2536-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2536-1/"}],"fixed_packages":[],"aliases":["CVE-2015-1804"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19c4-kwxh-kybw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56197?format=json","vulnerability_id":"VCID-2w1u-kcvp-rygj","summary":"Multiple vulnerabilities have been found in libXfont, the worst of\n    which could result in execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1802.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1802.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1802","reference_id":"","reference_type":"","scores":[{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82534","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82547","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82562","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82559","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82585","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82593","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82611","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82605","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82599","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82635","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82636","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82639","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.8266","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.8267","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82676","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82694","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82715","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82736","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.82735","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01759","scoring_system":"epss","scoring_elements":"0.8275","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1203715","reference_id":"1203715","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1203715"},{"reference_url":"https://security.gentoo.org/glsa/201507-21","reference_id":"GLSA-201507-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1708","reference_id":"RHSA-2015:1708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1708"},{"reference_url":"https://usn.ubuntu.com/2536-1/","reference_id":"USN-2536-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2536-1/"}],"fixed_packages":[],"aliases":["CVE-2015-1802"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2w1u-kcvp-rygj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56198?format=json","vulnerability_id":"VCID-7sx8-amfh-wuh4","summary":"Multiple vulnerabilities have been found in libXfont, the worst of\n    which could result in execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1803.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1803.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1803","reference_id":"","reference_type":"","scores":[{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82275","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82288","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82307","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82302","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82329","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82336","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82356","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82349","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82344","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82378","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82379","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82382","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82403","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82414","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82418","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82437","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82458","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82479","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82476","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01712","scoring_system":"epss","scoring_elements":"0.82493","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1802"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1803"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1203718","reference_id":"1203718","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1203718"},{"reference_url":"https://security.gentoo.org/glsa/201507-21","reference_id":"GLSA-201507-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1708","reference_id":"RHSA-2015:1708","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1708"},{"reference_url":"https://usn.ubuntu.com/2536-1/","reference_id":"USN-2536-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2536-1/"}],"fixed_packages":[],"aliases":["CVE-2015-1803"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7sx8-amfh-wuh4"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libXfont@1.4.5-5%3Farch=el6_7"}