{"url":"http://public2.vulnerablecode.io/api/packages/126441?format=json","purl":"pkg:rpm/redhat/netpbm@10.35.58-8?arch=el4","type":"rpm","namespace":"redhat","name":"netpbm","version":"10.35.58-8","qualifiers":{"arch":"el4"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48600?format=json","vulnerability_id":"VCID-273p-y942-ekes","summary":"Multiple memory management errors in JasPer could result in\n    execution of arbitrary code or a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4517.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4517.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4517","reference_id":"","reference_type":"","scores":[{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97415","published_at":"2026-04-01T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97422","published_at":"2026-04-02T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97426","published_at":"2026-04-04T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97427","published_at":"2026-04-07T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97434","published_at":"2026-04-08T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97435","published_at":"2026-04-09T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97438","published_at":"2026-04-11T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.9744","published_at":"2026-04-13T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97448","published_at":"2026-04-16T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97453","published_at":"2026-04-26T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97451","published_at":"2026-04-24T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97455","published_at":"2026-04-29T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97459","published_at":"2026-05-05T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97462","published_at":"2026-05-07T12:55:00Z"},{"value":"0.4213","scoring_system":"epss","scoring_elements":"0.97466","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4517"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4517"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html","reference_id":"071458.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071458.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html","reference_id":"071561.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071561.html"},{"reference_url":"http://secunia.com/advisories/47193","reference_id":"47193","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://secunia.com/advisories/47193"},{"reference_url":"http://secunia.com/advisories/47306","reference_id":"47306","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://secunia.com/advisories/47306"},{"reference_url":"http://secunia.com/advisories/47353","reference_id":"47353","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://secunia.com/advisories/47353"},{"reference_url":"http://www.securityfocus.com/bid/50992","reference_id":"50992","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.securityfocus.com/bid/50992"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71701","reference_id":"71701","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/71701"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726","reference_id":"747726","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726"},{"reference_url":"http://osvdb.org/77596","reference_id":"77596","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://osvdb.org/77596"},{"reference_url":"http://www.kb.cert.org/vuls/id/887409","reference_id":"887409","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.kb.cert.org/vuls/id/887409"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html","reference_id":"cpujan2012-366304.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html"},{"reference_url":"http://www.debian.org/security/2011/dsa-2371","reference_id":"dsa-2371","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.debian.org/security/2011/dsa-2371"},{"reference_url":"https://security.gentoo.org/glsa/201201-10","reference_id":"GLSA-201201-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-10"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-12/msg00010.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1807","reference_id":"RHSA-2011:1807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1807"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-1807.html","reference_id":"RHSA-2011-1807.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2011-1807.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1811","reference_id":"RHSA-2011:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1811"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-1811.html","reference_id":"RHSA-2011-1811.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2011-1811.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/1315-1/","reference_id":"USN-1315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1315-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-1315-1","reference_id":"USN-1315-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T16:11:47Z/"}],"url":"http://www.ubuntu.com/usn/USN-1315-1"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"}],"fixed_packages":[],"aliases":["CVE-2011-4517"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-273p-y942-ekes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48599?format=json","vulnerability_id":"VCID-2hkv-yn4v-6kcy","summary":"Multiple memory management errors in JasPer could result in\n    execution of arbitrary code or a Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4516.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4516.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4516","reference_id":"","reference_type":"","scores":[{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97733","published_at":"2026-05-09T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.9769","published_at":"2026-04-01T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97696","published_at":"2026-04-02T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97698","published_at":"2026-04-04T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97697","published_at":"2026-04-07T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97702","published_at":"2026-04-08T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97705","published_at":"2026-04-09T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97708","published_at":"2026-04-11T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.9771","published_at":"2026-04-12T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97712","published_at":"2026-04-13T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97717","published_at":"2026-04-16T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97721","published_at":"2026-04-26T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.9772","published_at":"2026-04-24T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97726","published_at":"2026-04-29T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97729","published_at":"2026-05-05T12:55:00Z"},{"value":"0.47823","scoring_system":"epss","scoring_elements":"0.97731","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4516"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4516"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726","reference_id":"747726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=747726"},{"reference_url":"https://security.archlinux.org/AVG-99","reference_id":"AVG-99","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-99"},{"reference_url":"https://security.gentoo.org/glsa/201201-10","reference_id":"GLSA-201201-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1807","reference_id":"RHSA-2011:1807","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1807"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1811","reference_id":"RHSA-2011:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1811"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0698","reference_id":"RHSA-2015:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0698"},{"reference_url":"https://usn.ubuntu.com/1315-1/","reference_id":"USN-1315-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1315-1/"},{"reference_url":"https://usn.ubuntu.com/1317-1/","reference_id":"USN-1317-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1317-1/"}],"fixed_packages":[],"aliases":["CVE-2011-4516"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2hkv-yn4v-6kcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60622?format=json","vulnerability_id":"VCID-mbac-cudj-wfaj","summary":"A vulnerability in Netpbm could result in execution of arbitrary\n    code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4274.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4274.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4274","reference_id":"","reference_type":"","scores":[{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85582","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85495","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85515","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85524","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85523","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.8554","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85563","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85471","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85467","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02543","scoring_system":"epss","scoring_elements":"0.85491","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85581","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85598","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85604","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85624","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85635","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.8565","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02611","scoring_system":"epss","scoring_elements":"0.85569","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-4274"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4274","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4274"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=546580","reference_id":"546580","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=546580"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569060","reference_id":"569060","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=569060"},{"reference_url":"https://security.gentoo.org/glsa/201311-08","reference_id":"GLSA-201311-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1811","reference_id":"RHSA-2011:1811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1811"},{"reference_url":"https://usn.ubuntu.com/934-1/","reference_id":"USN-934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/934-1/"}],"fixed_packages":[],"aliases":["CVE-2009-4274"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mbac-cudj-wfaj"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/netpbm@10.35.58-8%3Farch=el4"}