{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","type":"deb","namespace":"debian","name":"tiff","version":"4.2.0-1+deb11u5","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.2.0-1+deb11u6","latest_non_vulnerable_version":"4.7.1-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77774?format=json","vulnerability_id":"VCID-5qdp-vzrd-uqgc","summary":"libtiff: LibTIFF Buffer Overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8177.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8177.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383608","reference_id":"2383608","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21407","reference_id":"RHSA-2025:21407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21407"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132441?format=json","purl":"pkg:deb/debian/tiff@4.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-8177"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qdp-vzrd-uqgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46331?format=json","vulnerability_id":"VCID-5zvp-ysut-juep","summary":"Out-of-bounds Write\nA heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3164.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3164.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2213531","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2213531"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/542","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/542"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-3164","reference_id":"CVE-2023-3164","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-3164"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3164","reference_id":"CVE-2023-3164","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3164"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132421?format=json","purl":"pkg:deb/debian/tiff@4.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-3164"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5zvp-ysut-juep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66699?format=json","vulnerability_id":"VCID-6hf4-rc1a-pbg6","summary":"libtiff: libtiff: Denial of Service via NULL pointer dereference in tif_open.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61143.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61143.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441978","reference_id":"2441978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7504","reference_id":"RHSA-2026:7504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7504"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132441?format=json","purl":"pkg:deb/debian/tiff@4.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61143"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hf4-rc1a-pbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46901?format=json","vulnerability_id":"VCID-6v96-k8cs-13f7","summary":"This advisory is a False-Positive and has been removed as it only impacted documentation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52355.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52355.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251326","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251326"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/621","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/621"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-52355","reference_id":"CVE-2023-52355","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-52355"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52355","reference_id":"CVE-2023-52355","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20801","reference_id":"RHSA-2025:20801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21994","reference_id":"RHSA-2025:21994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23078","reference_id":"RHSA-2025:23078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23079","reference_id":"RHSA-2025:23079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23080","reference_id":"RHSA-2025:23080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3462"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132435?format=json","purl":"pkg:deb/debian/tiff@4.5.1%2Bgit230720-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1%252Bgit230720-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-52355"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6v96-k8cs-13f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66698?format=json","vulnerability_id":"VCID-92dt-g6m8-fufk","summary":"libtiff: libtiff: Denial of Service via buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61144.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61144.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441977","reference_id":"2441977","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441977"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7504","reference_id":"RHSA-2026:7504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7504"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132441?format=json","purl":"pkg:deb/debian/tiff@4.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61144"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92dt-g6m8-fufk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42794?format=json","vulnerability_id":"VCID-anfx-xj8v-kfg8","summary":"Out-of-bounds Read error in tiffcrop in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 46dc8fcd.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1056.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1056.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1056","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23085","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1056"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/391","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/391"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/307","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/307"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233599","reference_id":"2233599","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2233599"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1056","reference_id":"CVE-2022-1056","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1056"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json","reference_id":"CVE-2022-1056.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1056.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132401?format=json","purl":"pkg:deb/debian/tiff@4.4.0~rc1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0~rc1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-1056"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-anfx-xj8v-kfg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77013?format=json","vulnerability_id":"VCID-c7nt-5d64-kkev","summary":"libtiff: LibTIFF memory leak","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9165.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9165.json"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111878","reference_id":"1111878","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111878"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389574","reference_id":"2389574","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2389574"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132439?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132438?format=json","purl":"pkg:deb/debian/tiff@4.7.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-9165"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c7nt-5d64-kkev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44893?format=json","vulnerability_id":"VCID-d52s-g5c7-qka3","summary":"Out-of-bounds Read\nA flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff versions 4.x.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1916.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1916.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1916","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.06227","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1916"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/536","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/536"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/536,","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/536,"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/537","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/537"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2185074","reference_id":"2185074","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2185074"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1916","reference_id":"CVE-2023-1916","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1916"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132421?format=json","purl":"pkg:deb/debian/tiff@4.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-1916"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d52s-g5c7-qka3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66697?format=json","vulnerability_id":"VCID-fbks-9s7e-wfcj","summary":"libtiff: libtiff: Denial of service via double free in tiffcrop.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61145.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-61145.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441975","reference_id":"2441975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7504","reference_id":"RHSA-2026:7504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7504"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132441?format=json","purl":"pkg:deb/debian/tiff@4.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-61145"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fbks-9s7e-wfcj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77336?format=json","vulnerability_id":"VCID-gyvd-4m8g-jkdu","summary":"libtiff: LibTIFF Stack-based buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8851.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8851.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2387618","reference_id":"2387618","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2387618"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132421?format=json","purl":"pkg:deb/debian/tiff@4.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-8851"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gyvd-4m8g-jkdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45902?format=json","vulnerability_id":"VCID-hhgz-j76b-k7d4","summary":"Loop with Unreachable Exit Condition ('Infinite Loop')\nAn issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40090.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-40090.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40090","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01687","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-40090"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/455","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/455"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/386","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/386"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234970","reference_id":"2234970","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2234970"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40090","reference_id":"CVE-2022-40090","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-40090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2289","reference_id":"RHSA-2024:2289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2289"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132411?format=json","purl":"pkg:deb/debian/tiff@4.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-40090"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhgz-j76b-k7d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92079?format=json","vulnerability_id":"VCID-kxdc-8rht-vfdy","summary":"libtiff: Out-of-memory in TIFFOpen via a craft file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6277.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6277.json"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056751","reference_id":"1056751","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1056751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251311","reference_id":"2251311","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251311"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132436?format=json","purl":"pkg:deb/debian/tiff@4.5.1%2Bgit230720-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1%252Bgit230720-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-6277"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kxdc-8rht-vfdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77582?format=json","vulnerability_id":"VCID-n3p5-9ykg-sufd","summary":"libtiff: Libtiff Null Pointer Dereference Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8534.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8534.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2386450","reference_id":"2386450","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2386450"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132441?format=json","purl":"pkg:deb/debian/tiff@4.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-8534"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n3p5-9ykg-sufd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77237?format=json","vulnerability_id":"VCID-nwgs-pqj7-xkbs","summary":"libtiff: LibTIFF memory corruption","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8961.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8961.json"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111317","reference_id":"1111317","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111317"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388541","reference_id":"2388541","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2388541"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132439?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132442?format=json","purl":"pkg:deb/debian/tiff@4.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-8961"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwgs-pqj7-xkbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77777?format=json","vulnerability_id":"VCID-su9v-ewt3-6ua8","summary":"libtiff: LibTIFF Use-After-Free Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8176.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-8176.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383598","reference_id":"2383598","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19113","reference_id":"RHSA-2025:19113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19906","reference_id":"RHSA-2025:19906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20034","reference_id":"RHSA-2025:20034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20956","reference_id":"RHSA-2025:20956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21407","reference_id":"RHSA-2025:21407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21407"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21507","reference_id":"RHSA-2025:21507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21508","reference_id":"RHSA-2025:21508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21994","reference_id":"RHSA-2025:21994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23078","reference_id":"RHSA-2025:23078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23079","reference_id":"RHSA-2025:23079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23080","reference_id":"RHSA-2025:23080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0001","reference_id":"RHSA-2026:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0076","reference_id":"RHSA-2026:0076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0077","reference_id":"RHSA-2026:0077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0078","reference_id":"RHSA-2026:0078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3462"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132441?format=json","purl":"pkg:deb/debian/tiff@4.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-8176"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-su9v-ewt3-6ua8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93872?format=json","vulnerability_id":"VCID-xg35-8jbc-wqa4","summary":"libtiff: heap-based buffer overflow in cpStripToTile() in tools/tiffcp.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6228.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6228.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240995","reference_id":"2240995","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2240995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2289","reference_id":"RHSA-2024:2289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5079","reference_id":"RHSA-2024:5079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5079"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132421?format=json","purl":"pkg:deb/debian/tiff@4.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-6228"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xg35-8jbc-wqa4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45239?format=json","vulnerability_id":"VCID-xms6-c2j7-hfh8","summary":"Out-of-bounds Write\nA vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30775.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30775.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187141","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187141"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/464","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/464"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-30775","reference_id":"CVE-2023-30775","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-30775"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30775","reference_id":"CVE-2023-30775","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30775"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132411?format=json","purl":"pkg:deb/debian/tiff@4.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-30775"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xms6-c2j7-hfh8"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4746?format=json","vulnerability_id":"VCID-13fq-85pm-9ucx","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3623.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3623","reference_id":"","reference_type":"","scores":[{"value":"0.02534","scoring_system":"epss","scoring_elements":"0.85723","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325089","reference_id":"1325089","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325089"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3623"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-13fq-85pm-9ucx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102691?format=json","vulnerability_id":"VCID-13rf-k1e8-yydu","summary":"libtiff up to 3.7.0 allows remote attackers to cause a denial of service (application crash) via a TIFF image header with a zero \"YCbCr subsampling\" value, which causes a divide-by-zero error in (1) tif_strip.c and (2) tif_tile.c, a different vulnerability than CVE-2004-0804.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2452","reference_id":"","reference_type":"","scores":[{"value":"0.01344","scoring_system":"epss","scoring_elements":"0.80383","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2452"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132055?format=json","purl":"pkg:deb/debian/tiff@3.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2005-2452"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-13rf-k1e8-yydu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4708?format=json","vulnerability_id":"VCID-19y7-v51n-pfa5","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7554.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7554.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7554","reference_id":"","reference_type":"","scores":[{"value":"0.01587","scoring_system":"epss","scoring_elements":"0.81955","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7554"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294417","reference_id":"1294417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294417"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809066","reference_id":"809066","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809066"},{"reference_url":"https://security.archlinux.org/ASA-201707-17","reference_id":"ASA-201707-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-17"},{"reference_url":"https://security.archlinux.org/ASA-201707-18","reference_id":"ASA-201707-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-18"},{"reference_url":"https://security.archlinux.org/AVG-5","reference_id":"AVG-5","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-5"},{"reference_url":"https://security.archlinux.org/AVG-87","reference_id":"AVG-87","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-87"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132185?format=json","purl":"pkg:deb/debian/tiff@4.0.7-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-7554"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19y7-v51n-pfa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102729?format=json","vulnerability_id":"VCID-1w9h-z5g1-6kcb","summary":"LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and does not properly handle this during the second stage, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2631.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2631.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2631","reference_id":"","reference_type":"","scores":[{"value":"0.05374","scoring_system":"epss","scoring_elements":"0.90262","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2631"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=611890","reference_id":"611890","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=611890"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34279.txt","reference_id":"CVE-2010-2631;OSVDB-66090","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34279.txt"},{"reference_url":"https://www.securityfocus.com/bid/41477/info","reference_id":"CVE-2010-2631;OSVDB-66090","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/41477/info"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132081?format=json","purl":"pkg:deb/debian/tiff@3.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2631"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1w9h-z5g1-6kcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102795?format=json","vulnerability_id":"VCID-24bg-v8c6-q3f6","summary":"In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9117.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9117","reference_id":"","reference_type":"","scores":[{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29565","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9117"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1456756","reference_id":"1456756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1456756"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-9117"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24bg-v8c6-q3f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102781?format=json","vulnerability_id":"VCID-29an-d9j1-subv","summary":"In LibTIFF 4.0.9, there is a heap-based buffer over-read in the function PackBitsEncode in tif_packbits.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17942.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17942.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17942","reference_id":"","reference_type":"","scores":[{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61529","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17942"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529524","reference_id":"1529524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529524"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885579","reference_id":"885579","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885579"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-17942"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-29an-d9j1-subv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44446?format=json","vulnerability_id":"VCID-2chc-4dg7-eyah","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0801.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0801","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07847","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0801"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/498","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/498"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170172","reference_id":"2170172","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170172"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0801","reference_id":"CVE-2023-0801","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0801"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0801.json","reference_id":"CVE-2023-0801.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0801.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5353","reference_id":"RHSA-2023:5353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5353"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0801"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2chc-4dg7-eyah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102758?format=json","vulnerability_id":"VCID-2fkp-y8v2-hqck","summary":"tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds writes) via a crafted TIFF image, a different vulnerability than CVE-2015-8781.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8782.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8782","reference_id":"","reference_type":"","scores":[{"value":"0.01053","scoring_system":"epss","scoring_elements":"0.7791","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649","reference_id":"1301649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132101?format=json","purl":"pkg:deb/debian/tiff@4.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8782"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2fkp-y8v2-hqck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102814?format=json","vulnerability_id":"VCID-2mct-5s36-3qeq","summary":"In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19210.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19210.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19210","reference_id":"","reference_type":"","scores":[{"value":"0.06297","scoring_system":"epss","scoring_elements":"0.91104","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19210"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649385","reference_id":"1649385","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1649385"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913675","reference_id":"913675","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913675"},{"reference_url":"https://security.gentoo.org/glsa/202003-25","reference_id":"GLSA-202003-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132376?format=json","purl":"pkg:deb/debian/tiff@4.0.10-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-19210"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2mct-5s36-3qeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44431?format=json","vulnerability_id":"VCID-2q3f-jw6b-w7dp","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6921, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0797.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0797","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02067","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0797"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/495","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/495"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170151","reference_id":"2170151","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170151"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0797","reference_id":"CVE-2023-0797","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0797"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0797.json","reference_id":"CVE-2023-0797.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0797.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0797"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2q3f-jw6b-w7dp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102719?format=json","vulnerability_id":"VCID-2ry3-axph-dfbm","summary":"tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF image, related to \"downsampled OJPEG input.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2233.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2233.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2233","reference_id":"","reference_type":"","scores":[{"value":"0.02374","scoring_system":"epss","scoring_elements":"0.85257","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2233"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=607198","reference_id":"607198","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=607198"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132087?format=json","purl":"pkg:deb/debian/tiff@3.9.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2233"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ry3-axph-dfbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3174?format=json","vulnerability_id":"VCID-2z91-euur-mkg6","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1622.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1622","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27941","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1622"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/410","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/410"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2084269","reference_id":"2084269","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2084269"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1622","reference_id":"CVE-2022-1622","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1622"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1622.json","reference_id":"CVE-2022-1622.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1622.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132401?format=json","purl":"pkg:deb/debian/tiff@4.4.0~rc1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0~rc1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-1622"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2z91-euur-mkg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4736?format=json","vulnerability_id":"VCID-346w-g3br-qyfj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3991.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3991.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3991","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63679","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326249","reference_id":"1326249","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326249"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3991"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-346w-g3br-qyfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45135?format=json","vulnerability_id":"VCID-38yd-3y7b-dyds","summary":"Out-of-bounds Write\nBuffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c.","references":[{"reference_url":"http://libtiff-release-v4-0-7.com","reference_id":"","reference_type":"","scores":[],"url":"http://libtiff-release-v4-0-7.com"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30086.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30086.json"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/538","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/538"},{"reference_url":"http://tiffcp.com","reference_id":"","reference_type":"","scores":[],"url":"http://tiffcp.com"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2203650","reference_id":"2203650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2203650"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30086","reference_id":"CVE-2023-30086","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132409?format=json","purl":"pkg:deb/debian/tiff@4.4.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-30086"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-38yd-3y7b-dyds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102804?format=json","vulnerability_id":"VCID-3hc7-p5t2-vuht","summary":"TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10801.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10801.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10801","reference_id":"","reference_type":"","scores":[{"value":"0.00405","scoring_system":"epss","scoring_elements":"0.61348","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10801"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1577392","reference_id":"1577392","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1577392"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-10801"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3hc7-p5t2-vuht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3165?format=json","vulnerability_id":"VCID-3xy1-2v4a-yqdk","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2868.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2868.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2868","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03598","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2868"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2118863","reference_id":"2118863","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2118863"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132401?format=json","purl":"pkg:deb/debian/tiff@4.4.0~rc1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0~rc1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2868"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3xy1-2v4a-yqdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4717?format=json","vulnerability_id":"VCID-4gq3-smes-y3ej","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9532.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9532.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9532","reference_id":"","reference_type":"","scores":[{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69444","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397726","reference_id":"1397726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397726"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844057","reference_id":"844057","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844057"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9532"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gq3-smes-y3ej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102679?format=json","vulnerability_id":"VCID-4njj-sjhk-wycq","summary":"Vulnerability in tif_dirread.c for libtiff allows remote attackers to cause a denial of service (application crash) via a TIFF image that causes a divide-by-zero error when the number of row bytes is zero, a different vulnerability than CVE-2005-2452.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0804.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0804","reference_id":"","reference_type":"","scores":[{"value":"0.19172","scoring_system":"epss","scoring_elements":"0.95473","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617295","reference_id":"1617295","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617295"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:577","reference_id":"RHSA-2004:577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:577"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:021","reference_id":"RHSA-2005:021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:354","reference_id":"RHSA-2005:354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:354"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132044?format=json","purl":"pkg:deb/debian/tiff@3.6.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.6.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2004-0804"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4njj-sjhk-wycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3157?format=json","vulnerability_id":"VCID-4nzz-rnew-73e7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3970.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3970.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3970","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29935","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3970"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024737","reference_id":"1024737","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024737"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2148918","reference_id":"2148918","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2148918"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2883","reference_id":"RHSA-2023:2883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2883"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132407?format=json","purl":"pkg:deb/debian/tiff@4.4.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-3970"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4nzz-rnew-73e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102821?format=json","vulnerability_id":"VCID-4ry5-9ggw-zkh8","summary":"Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the \"TIFFVGetField\" funtion in the component 'libtiff/tif_dir.c'.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19143.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19143.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-19143","reference_id":"","reference_type":"","scores":[{"value":"0.00972","scoring_system":"epss","scoring_elements":"0.76975","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-19143"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2003801","reference_id":"2003801","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2003801"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132396?format=json","purl":"pkg:deb/debian/tiff@4.1.0%2Bgit201212-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.1.0%252Bgit201212-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2020-19143"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ry5-9ggw-zkh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3168?format=json","vulnerability_id":"VCID-5652-c7tg-6uft","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2520.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2520.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2520","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.1825","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2520"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670","reference_id":"1024670","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122792","reference_id":"2122792","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122792"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0302","reference_id":"RHSA-2023:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132407?format=json","purl":"pkg:deb/debian/tiff@4.4.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2520"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5652-c7tg-6uft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4714?format=json","vulnerability_id":"VCID-5bpk-63mp-myea","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9535.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9535.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9535","reference_id":"","reference_type":"","scores":[{"value":"0.00604","scoring_system":"epss","scoring_elements":"0.69974","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397755","reference_id":"1397755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397755"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9535"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bpk-63mp-myea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102710?format=json","vulnerability_id":"VCID-5ev1-3p3b-2bhw","summary":"TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving \"unchecked arithmetic operations\".","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3464.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3464.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3464","reference_id":"","reference_type":"","scores":[{"value":"0.01257","scoring_system":"epss","scoring_elements":"0.7972","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3464"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111","reference_id":"199111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111"},{"reference_url":"https://security.gentoo.org/glsa/200608-07","reference_id":"GLSA-200608-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0603","reference_id":"RHSA-2006:0603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132060?format=json","purl":"pkg:deb/debian/tiff@3.8.2-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-3464"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ev1-3p3b-2bhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102791?format=json","vulnerability_id":"VCID-5pcg-xe5q-1qdt","summary":"LibTIFF 4.0.7 has an \"outside the range of representable values of type short\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7599.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7599","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38978","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7599"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441259","reference_id":"1441259","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441259"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7599"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5pcg-xe5q-1qdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102734?format=json","vulnerability_id":"VCID-5xej-h5pw-f7hf","summary":"Heap-based buffer overflow in the thunder (aka ThunderScan) decoder in tif_thunder.c in LibTIFF 3.9.4 and earlier allows remote attackers to execute arbitrary code via crafted THUNDER_2BITDELTAS data in a .tiff file that has an unexpected BitsPerSample value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1167.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1167.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1167","reference_id":"","reference_type":"","scores":[{"value":"0.05526","scoring_system":"epss","scoring_elements":"0.90414","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1167"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619614","reference_id":"619614","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=619614"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=684939","reference_id":"684939","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=684939"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0392","reference_id":"RHSA-2011:0392","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0392"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132125?format=json","purl":"pkg:deb/debian/tiff@3.9.4-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2011-1167"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xej-h5pw-f7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102809?format=json","vulnerability_id":"VCID-611d-157a-4fc3","summary":"newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16335.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16335.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16335","reference_id":"","reference_type":"","scores":[{"value":"0.01918","scoring_system":"epss","scoring_elements":"0.83667","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16335"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1624981","reference_id":"1624981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1624981"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907795","reference_id":"907795","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=907795"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132317?format=json","purl":"pkg:deb/debian/tiff@4.0.9-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-16335"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-611d-157a-4fc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6204?format=json","vulnerability_id":"VCID-631h-1ukc-2kbr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8905.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8905.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8905","reference_id":"","reference_type":"","scores":[{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.71013","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8905"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559704","reference_id":"1559704","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559704"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893806","reference_id":"893806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893806"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"},{"reference_url":"https://security.archlinux.org/AVG-813","reference_id":"AVG-813","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132374?format=json","purl":"pkg:deb/debian/tiff@4.0.9-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-8905"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-631h-1ukc-2kbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102808?format=json","vulnerability_id":"VCID-672k-12q2-5ybx","summary":"ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15209.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15209.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15209","reference_id":"","reference_type":"","scores":[{"value":"0.00628","scoring_system":"epss","scoring_elements":"0.70627","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15209"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1614051","reference_id":"1614051","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1614051"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905798","reference_id":"905798","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905798"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5079","reference_id":"RHSA-2024:5079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5079"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132317?format=json","purl":"pkg:deb/debian/tiff@4.0.9-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-15209"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-672k-12q2-5ybx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102741?format=json","vulnerability_id":"VCID-67tc-akwj-m7et","summary":"ppm2tiff does not check the return value of the TIFFScanlineSize function, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted PPM image that triggers an integer overflow, a zero-memory allocation, and a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4564.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4564.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4564","reference_id":"","reference_type":"","scores":[{"value":"0.27173","scoring_system":"epss","scoring_elements":"0.96482","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4564"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692345","reference_id":"692345","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=692345"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=871700","reference_id":"871700","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=871700"},{"reference_url":"https://security.gentoo.org/glsa/201402-21","reference_id":"GLSA-201402-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1590","reference_id":"RHSA-2012:1590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1590"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132142?format=json","purl":"pkg:deb/debian/tiff@4.0.2-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.2-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2012-4564"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67tc-akwj-m7et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6205?format=json","vulnerability_id":"VCID-6bqr-yf8y-xba6","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7456.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7456.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7456","reference_id":"","reference_type":"","scores":[{"value":"0.00689","scoring_system":"epss","scoring_elements":"0.72151","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1556708","reference_id":"1556708","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1556708"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891288","reference_id":"891288","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891288"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"},{"reference_url":"https://security.archlinux.org/AVG-813","reference_id":"AVG-813","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2051","reference_id":"RHSA-2019:2051","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132317?format=json","purl":"pkg:deb/debian/tiff@4.0.9-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-7456"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bqr-yf8y-xba6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44445?format=json","vulnerability_id":"VCID-6daw-xvw5-tyfw","summary":"Use After Free\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3701, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0799.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0799.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0799","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02905","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0799"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/494","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/494"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170162","reference_id":"2170162","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170162"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0799","reference_id":"CVE-2023-0799","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0799"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0799.json","reference_id":"CVE-2023-0799.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0799.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0799"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6daw-xvw5-tyfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4756?format=json","vulnerability_id":"VCID-6f7j-jffy-g3h1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8130.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8130.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8130","reference_id":"","reference_type":"","scores":[{"value":"0.02075","scoring_system":"epss","scoring_elements":"0.84274","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8130"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185817","reference_id":"1185817","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185817"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185","reference_id":"776185","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132170?format=json","purl":"pkg:deb/debian/tiff@4.0.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2014-8130"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6f7j-jffy-g3h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4734?format=json","vulnerability_id":"VCID-6j88-9v6m-aqaa","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5314.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5314.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5314","reference_id":"","reference_type":"","scores":[{"value":"0.01026","scoring_system":"epss","scoring_elements":"0.77631","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346697","reference_id":"1346697","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346697"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830700","reference_id":"830700","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830700"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132250?format=json","purl":"pkg:deb/debian/tiff@4.0.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5314"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6j88-9v6m-aqaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44576?format=json","vulnerability_id":"VCID-6rz4-7zc4-bfcd","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4645.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4645.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4645","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01931","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4645"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/e813112545942107551433d61afd16ac094ff246"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/277","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/277"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2176220","reference_id":"2176220","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2176220"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4645","reference_id":"CVE-2022-4645","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-4645"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json","reference_id":"CVE-2022-4645.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4645.json"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3059","reference_id":"RHSA-2024:3059","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3059"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132409?format=json","purl":"pkg:deb/debian/tiff@4.4.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-4645"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rz4-7zc4-bfcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6220?format=json","vulnerability_id":"VCID-6vbx-9hme-ckgy","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18557.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18557.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18557","reference_id":"","reference_type":"","scores":[{"value":"0.23568","scoring_system":"epss","scoring_elements":"0.96082","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644229","reference_id":"1644229","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644229"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911635","reference_id":"911635","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911635"},{"reference_url":"https://security.archlinux.org/ASA-201811-17","reference_id":"ASA-201811-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-17"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-790","reference_id":"AVG-790","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-790"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"},{"reference_url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1697","reference_id":"CVE-2018-18557","reference_type":"exploit","scores":[],"url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1697"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45694.c","reference_id":"CVE-2018-18557","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45694.c"},{"reference_url":"https://security.gentoo.org/glsa/201904-15","reference_id":"GLSA-201904-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201904-15"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132379?format=json","purl":"pkg:deb/debian/tiff@4.0.9%2Bgit181026-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9%252Bgit181026-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-18557"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6vbx-9hme-ckgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3167?format=json","vulnerability_id":"VCID-72yn-u5c2-qkfd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2521.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2521.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2521","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31165","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2521"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670","reference_id":"1024670","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122799","reference_id":"2122799","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122799"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0302","reference_id":"RHSA-2023:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132407?format=json","purl":"pkg:deb/debian/tiff@4.4.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2521"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-72yn-u5c2-qkfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102733?format=json","vulnerability_id":"VCID-76z6-kfju-xfee","summary":"Buffer overflow in Fax4Decode in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF Internet Fax image file that has been compressed using CCITT Group 4 encoding, related to the EXPAND2D macro in libtiff/tif_fax3.h.  NOTE: some of these details are obtained from third party information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0192.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0192.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0192","reference_id":"","reference_type":"","scores":[{"value":"0.09355","scoring_system":"epss","scoring_elements":"0.92927","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0192"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=678635","reference_id":"678635","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=678635"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0318","reference_id":"RHSA-2011:0318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0318"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132121?format=json","purl":"pkg:deb/debian/tiff@3.9.4-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2011-0192"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76z6-kfju-xfee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6219?format=json","vulnerability_id":"VCID-7fq4-rz4j-nye3","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18661.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18661.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18661","reference_id":"","reference_type":"","scores":[{"value":"0.00185","scoring_system":"epss","scoring_elements":"0.39977","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18661"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18661","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18661"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644448","reference_id":"1644448","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1644448"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912012","reference_id":"912012","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912012"},{"reference_url":"https://security.archlinux.org/ASA-201811-17","reference_id":"ASA-201811-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-17"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-790","reference_id":"AVG-790","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-790"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132386?format=json","purl":"pkg:deb/debian/tiff@4.0.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-18661"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7fq4-rz4j-nye3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102742?format=json","vulnerability_id":"VCID-7js7-qg73-fudp","summary":"Stack-based buffer overflow in tif_dir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5581.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5581.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5581","reference_id":"","reference_type":"","scores":[{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82295","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5581"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694693","reference_id":"694693","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=867235","reference_id":"867235","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=867235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1590","reference_id":"RHSA-2012:1590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1590"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132133?format=json","purl":"pkg:deb/debian/tiff@4.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2012-5581"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7js7-qg73-fudp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102722?format=json","vulnerability_id":"VCID-8aw8-jxsa-q3eh","summary":"LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted TIFF file, a different vulnerability than CVE-2010-2443.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2482.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2482.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2482","reference_id":"","reference_type":"","scores":[{"value":"0.18826","scoring_system":"epss","scoring_elements":"0.95421","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2482"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=608010","reference_id":"608010","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=608010"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/14573.txt","reference_id":"CVE-2010-2482;OSVDB-66083","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/14573.txt"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132081?format=json","purl":"pkg:deb/debian/tiff@3.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2482"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8aw8-jxsa-q3eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102822?format=json","vulnerability_id":"VCID-8dyu-ua2v-x7hf","summary":"Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19144.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19144.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-19144","reference_id":"","reference_type":"","scores":[{"value":"0.01504","scoring_system":"epss","scoring_elements":"0.81493","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-19144"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2003799","reference_id":"2003799","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2003799"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132394?format=json","purl":"pkg:deb/debian/tiff@4.0.10%2Bgit190814-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10%252Bgit190814-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2020-19144"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8dyu-ua2v-x7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102693?format=json","vulnerability_id":"VCID-8fqg-6vqy-q3gc","summary":"Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain \"codec cleanup methods\" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2024.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2024.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2024","reference_id":"","reference_type":"","scores":[{"value":"0.14948","scoring_system":"epss","scoring_elements":"0.94683","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2024"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618083","reference_id":"1618083","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618083"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27762.txt","reference_id":"CVE-2006-2024;OSVDB-25018","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27762.txt"},{"reference_url":"https://www.securityfocus.com/bid/17730/info","reference_id":"CVE-2006-2024;OSVDB-25018","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/17730/info"},{"reference_url":"https://security.gentoo.org/glsa/200605-17","reference_id":"GLSA-200605-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200605-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0425","reference_id":"RHSA-2006:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132057?format=json","purl":"pkg:deb/debian/tiff@3.8.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-2024"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fqg-6vqy-q3gc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3166?format=json","vulnerability_id":"VCID-8hrj-ge12-v3d9","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2867.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2867","reference_id":"","reference_type":"","scores":[{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.03708","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2867"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2118847","reference_id":"2118847","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2118847"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132401?format=json","purl":"pkg:deb/debian/tiff@4.4.0~rc1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0~rc1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2867"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8hrj-ge12-v3d9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102712?format=json","vulnerability_id":"VCID-8mtb-bxav-cqc4","summary":"Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2327.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2327.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2327","reference_id":"","reference_type":"","scores":[{"value":"0.01508","scoring_system":"epss","scoring_elements":"0.81511","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2327"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=458674","reference_id":"458674","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=458674"},{"reference_url":"https://security.gentoo.org/glsa/200809-07","reference_id":"GLSA-200809-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200809-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0847","reference_id":"RHSA-2008:0847","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0847"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0848","reference_id":"RHSA-2008:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0863","reference_id":"RHSA-2008:0863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0863"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132070?format=json","purl":"pkg:deb/debian/tiff@3.8.2-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2008-2327"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8mtb-bxav-cqc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45464?format=json","vulnerability_id":"VCID-8pzd-tzc6-w7a8","summary":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')\nlibtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesShifted8bits() at /libtiff/tools/tiffcrop.c:3753.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25435.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25435.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25435","reference_id":"","reference_type":"","scores":[{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16637","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25435"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/518","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/518"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216614","reference_id":"2216614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216614"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25435","reference_id":"CVE-2023-25435","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25435"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-25435"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8pzd-tzc6-w7a8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102714?format=json","vulnerability_id":"VCID-8sey-6qs1-vbb5","summary":"Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the (a) cvt_whole_image function in tiff2rgba and (b) tiffcvt function in rgb2ycbcr.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2347.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2347.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2347","reference_id":"","reference_type":"","scores":[{"value":"0.01061","scoring_system":"epss","scoring_elements":"0.77985","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2347"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=510041","reference_id":"510041","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=510041"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1159","reference_id":"RHSA-2009:1159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1159"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132076?format=json","purl":"pkg:deb/debian/tiff@3.8.2-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2009-2347"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8sey-6qs1-vbb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4748?format=json","vulnerability_id":"VCID-8t9a-wr15-s3gj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3621.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3621.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3621","reference_id":"","reference_type":"","scores":[{"value":"0.00676","scoring_system":"epss","scoring_elements":"0.71873","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3621"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1324822","reference_id":"1324822","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1324822"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820364","reference_id":"820364","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820364"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3621"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8t9a-wr15-s3gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102792?format=json","vulnerability_id":"VCID-98hw-rjd6-p3ab","summary":"LibTIFF 4.0.7 has an \"outside the range of representable values of type unsigned char\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7600.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7600.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7600","reference_id":"","reference_type":"","scores":[{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52605","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7600"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441260","reference_id":"1441260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441260"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7600"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-98hw-rjd6-p3ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4923?format=json","vulnerability_id":"VCID-9fb5-82gn-c7em","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0909.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0909.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0909","reference_id":"","reference_type":"","scores":[{"value":"0.00203","scoring_system":"epss","scoring_elements":"0.42329","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/393","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/393"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/310","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/310"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064146","reference_id":"2064146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064146"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0909","reference_id":"CVE-2022-0909","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0909"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json","reference_id":"CVE-2022-0909.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0909.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7585","reference_id":"RHSA-2022:7585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132398?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132400?format=json","purl":"pkg:deb/debian/tiff@4.3.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-0909"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9fb5-82gn-c7em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102769?format=json","vulnerability_id":"VCID-9tzh-51wj-u3g9","summary":"LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 8\" and libtiff/tif_read.c:523:22.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10270.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10270.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10270","reference_id":"","reference_type":"","scores":[{"value":"0.00617","scoring_system":"epss","scoring_elements":"0.70327","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10270"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438441","reference_id":"1438441","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438441"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846837","reference_id":"846837","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=846837"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132201?format=json","purl":"pkg:deb/debian/tiff@4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10270"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9tzh-51wj-u3g9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102759?format=json","vulnerability_id":"VCID-9ufr-s5hf-j3bg","summary":"tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds reads) via a crafted TIFF image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8783.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8783","reference_id":"","reference_type":"","scores":[{"value":"0.00441","scoring_system":"epss","scoring_elements":"0.6355","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649","reference_id":"1301649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132101?format=json","purl":"pkg:deb/debian/tiff@4.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8783"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ufr-s5hf-j3bg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3173?format=json","vulnerability_id":"VCID-9vzm-g4pv-dkga","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1623.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1623.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1623","reference_id":"","reference_type":"","scores":[{"value":"0.00332","scoring_system":"epss","scoring_elements":"0.56347","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1623"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/b4e79bfa0c7d2d08f6f1e7ec38143fc8cb11394a"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/410","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/410"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2084260","reference_id":"2084260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2084260"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1623","reference_id":"CVE-2022-1623","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-1623"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1623.json","reference_id":"CVE-2022-1623.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1623.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132401?format=json","purl":"pkg:deb/debian/tiff@4.4.0~rc1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0~rc1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-1623"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9vzm-g4pv-dkga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102717?format=json","vulnerability_id":"VCID-adgf-gyyp-9ubc","summary":"Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted TIFF file that triggers a buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2065.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2065.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2065","reference_id":"","reference_type":"","scores":[{"value":"0.02797","scoring_system":"epss","scoring_elements":"0.86376","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2065"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=601274","reference_id":"601274","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=601274"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132081?format=json","purl":"pkg:deb/debian/tiff@3.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2065"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-adgf-gyyp-9ubc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4716?format=json","vulnerability_id":"VCID-ajjg-j3u3-87hb","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9533.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9533.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9533","reference_id":"","reference_type":"","scores":[{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45092","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397769","reference_id":"1397769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397769"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9533"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajjg-j3u3-87hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3161?format=json","vulnerability_id":"VCID-am9k-887b-zbhh","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3570.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3570.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3570","reference_id":"","reference_type":"","scores":[{"value":"7e-05","scoring_system":"epss","scoring_elements":"0.00661","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3570"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555","reference_id":"1022555","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142734","reference_id":"2142734","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142734"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132409?format=json","purl":"pkg:deb/debian/tiff@4.4.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-3570"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-am9k-887b-zbhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4735?format=json","vulnerability_id":"VCID-aqsc-pckt-8kb6","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5102.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5102.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5102","reference_id":"","reference_type":"","scores":[{"value":"0.00602","scoring_system":"epss","scoring_elements":"0.69911","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5102"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5102","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5102"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1343407","reference_id":"1343407","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1343407"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5102"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aqsc-pckt-8kb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45521?format=json","vulnerability_id":"VCID-arvt-qqf4-wbg2","summary":"NULL Pointer Dereference\nA null pointer dereference issue was discovered in Libtiff's tif_dir.c file. This flaw allows an attacker to pass a crafted TIFF image file to the tiffcp utility, which triggers runtime error, causing an undefined behavior, resulting in an application crash, eventually leading to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2908.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2908.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218830","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218830"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/9bd48f0dbd64fb94dc2b5b05238fde0bfdd4ff3f"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/479","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/479"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-2908","reference_id":"CVE-2023-2908","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-2908"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2908","reference_id":"CVE-2023-2908","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2908"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132423?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132422?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132424?format=json","purl":"pkg:deb/debian/tiff@4.5.1~rc3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1~rc3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-2908"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-arvt-qqf4-wbg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89613?format=json","vulnerability_id":"VCID-aw5d-2n95-m3fj","summary":"libtiff: NULL pointer dereference in tif_dirinfo.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7006.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7006.json"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078648","reference_id":"1078648","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078648"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2302996","reference_id":"2302996","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2302996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6360","reference_id":"RHSA-2024:6360","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:6360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8833","reference_id":"RHSA-2024:8833","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8833"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8914","reference_id":"RHSA-2024:8914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:8914"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132423?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132422?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132440?format=json","purl":"pkg:deb/debian/tiff@4.5.1%2Bgit230720-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1%252Bgit230720-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2024-7006"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aw5d-2n95-m3fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102807?format=json","vulnerability_id":"VCID-ayaa-beyt-xkcu","summary":"Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12900.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12900.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12900","reference_id":"","reference_type":"","scores":[{"value":"0.09894","scoring_system":"epss","scoring_elements":"0.93143","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12900"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595575","reference_id":"1595575","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1595575"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902718","reference_id":"902718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902718"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3419","reference_id":"RHSA-2019:3419","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3419"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132376?format=json","purl":"pkg:deb/debian/tiff@4.0.10-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-12900"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ayaa-beyt-xkcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4926?format=json","vulnerability_id":"VCID-b1uw-w9nk-v3ht","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0891.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0891","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08582","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/232282fd8f9c21eefe8d2d2b96cdbbb172fe7b7c"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/380","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/380"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/382","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/382"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064411","reference_id":"2064411","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064411"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0891","reference_id":"CVE-2022-0891","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0891"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json","reference_id":"CVE-2022-0891.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0891.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7585","reference_id":"RHSA-2022:7585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132398?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132400?format=json","purl":"pkg:deb/debian/tiff@4.3.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-0891"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b1uw-w9nk-v3ht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102794?format=json","vulnerability_id":"VCID-bg9z-zm7j-8kdh","summary":"LibTIFF 4.0.7 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7602.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7602.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7602","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52104","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441263","reference_id":"1441263","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441263"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7602"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bg9z-zm7j-8kdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44437?format=json","vulnerability_id":"VCID-bhkq-eqaw-1fba","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0800.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0800.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0800","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07847","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0800"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/496","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/496"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170167","reference_id":"2170167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170167"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0800","reference_id":"CVE-2023-0800","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0800"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0800.json","reference_id":"CVE-2023-0800.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0800.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5353","reference_id":"RHSA-2023:5353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5353"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0800"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhkq-eqaw-1fba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4752?format=json","vulnerability_id":"VCID-bmhd-pxe4-5kg3","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8683.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8683.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8683","reference_id":"","reference_type":"","scores":[{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43112","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294427","reference_id":"1294427","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294427"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809021","reference_id":"809021","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809021"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132101?format=json","purl":"pkg:deb/debian/tiff@4.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8683"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bmhd-pxe4-5kg3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102731?format=json","vulnerability_id":"VCID-bqku-p44f-pbda","summary":"Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF file containing a directory data structure with many directory entries.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4665.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4665.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4665","reference_id":"","reference_type":"","scores":[{"value":"0.02306","scoring_system":"epss","scoring_elements":"0.85044","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4665"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=695887","reference_id":"695887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=695887"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0519","reference_id":"RHSA-2010:0519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132115?format=json","purl":"pkg:deb/debian/tiff@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-4665"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqku-p44f-pbda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102709?format=json","vulnerability_id":"VCID-bsga-3u4w-g7ek","summary":"The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3463.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3463.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3463","reference_id":"","reference_type":"","scores":[{"value":"0.03648","scoring_system":"epss","scoring_elements":"0.88068","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3463"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111","reference_id":"199111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111"},{"reference_url":"https://security.gentoo.org/glsa/200608-07","reference_id":"GLSA-200608-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0603","reference_id":"RHSA-2006:0603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132060?format=json","purl":"pkg:deb/debian/tiff@3.8.2-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-3463"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bsga-3u4w-g7ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102677?format=json","vulnerability_id":"VCID-bx4n-15rr-4yem","summary":"Multiple vulnerabilities in the RLE (run length encoding) decoders for libtiff 3.6.1 and earlier, related to buffer overflows and integer overflows, allow remote attackers to execute arbitrary code via TIFF files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0803.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0803.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0803","reference_id":"","reference_type":"","scores":[{"value":"0.17883","scoring_system":"epss","scoring_elements":"0.95265","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0803"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617294","reference_id":"1617294","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:577","reference_id":"RHSA-2004:577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:577"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:021","reference_id":"RHSA-2005:021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:354","reference_id":"RHSA-2005:354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:354"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132044?format=json","purl":"pkg:deb/debian/tiff@3.6.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.6.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2004-0803"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bx4n-15rr-4yem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45236?format=json","vulnerability_id":"VCID-c9w3-hck6-q3g1","summary":"Out-of-bounds Write\nA vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30774.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-30774.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187139","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2187139"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/463","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/463"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-30774","reference_id":"CVE-2023-30774","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-30774"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30774","reference_id":"CVE-2023-30774","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-30774"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132409?format=json","purl":"pkg:deb/debian/tiff@4.4.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-30774"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c9w3-hck6-q3g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102763?format=json","vulnerability_id":"VCID-canh-syw2-zyeq","summary":"Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10093.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10093.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10093","reference_id":"","reference_type":"","scores":[{"value":"0.00747","scoring_system":"epss","scoring_elements":"0.73449","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10093"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410116","reference_id":"1410116","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410116"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132201?format=json","purl":"pkg:deb/debian/tiff@4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10093"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-canh-syw2-zyeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102629?format=json","vulnerability_id":"VCID-canj-96xs-8kg7","summary":"libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3626.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3626.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3626","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11882","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3626"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555","reference_id":"1022555","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142741","reference_id":"2142741","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142741"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132409?format=json","purl":"pkg:deb/debian/tiff@4.4.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-3626"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-canj-96xs-8kg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44430?format=json","vulnerability_id":"VCID-ccsd-p6nq-93ae","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0802.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0802.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0802","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07847","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0802"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/500","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/500"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170178","reference_id":"2170178","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170178"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0802","reference_id":"CVE-2023-0802","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0802"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0802.json","reference_id":"CVE-2023-0802.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0802.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5353","reference_id":"RHSA-2023:5353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5353"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0802"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ccsd-p6nq-93ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102692?format=json","vulnerability_id":"VCID-cgpe-7uhj-kbem","summary":"The TIFFFetchShortPair function in tif_dirread.c in libtiff 3.8.0 allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers a NULL pointer dereference, possibly due to changes in type declarations and/or the TIFFVSetField function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0405.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0405.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0405","reference_id":"","reference_type":"","scores":[{"value":"0.01836","scoring_system":"epss","scoring_elements":"0.83283","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0405"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350715","reference_id":"350715","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350715"},{"reference_url":"https://security.gentoo.org/glsa/200605-17","reference_id":"GLSA-200605-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200605-17"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132056?format=json","purl":"pkg:deb/debian/tiff@3.8.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-0405"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cgpe-7uhj-kbem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77602?format=json","vulnerability_id":"VCID-cpk7-uyvf-3kb6","summary":"libtiff: LibTIFF Null Pointer Dereference","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13978.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13978.json"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111323","reference_id":"1111323","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111323"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2386059","reference_id":"2386059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2386059"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132437?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132439?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132438?format=json","purl":"pkg:deb/debian/tiff@4.7.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2024-13978"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cpk7-uyvf-3kb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102686?format=json","vulnerability_id":"VCID-czxj-jw7x-7kbs","summary":"Integer overflow in (1) tif_dirread.c and (2) tif_fax3.c for libtiff 3.5.7 and 3.7.0 allows remote attackers to execute arbitrary code via a TIFF file containing a TIFF_ASCII or TIFF_UNDEFINED directory entry with a -1 entry count, which leads to a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1308.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1308.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1308","reference_id":"","reference_type":"","scores":[{"value":"0.12685","scoring_system":"epss","scoring_elements":"0.94115","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1308"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617406","reference_id":"1617406","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617406"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:019","reference_id":"RHSA-2005:019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:021","reference_id":"RHSA-2005:021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:035","reference_id":"RHSA-2005:035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:035"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132052?format=json","purl":"pkg:deb/debian/tiff@3.6.1-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.6.1-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2004-1308"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-czxj-jw7x-7kbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102730?format=json","vulnerability_id":"VCID-d187-r77e-8bhn","summary":"LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TIFF image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3087.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3087.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3087","reference_id":"","reference_type":"","scores":[{"value":"0.01787","scoring_system":"epss","scoring_elements":"0.8308","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3087"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600188","reference_id":"600188","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=600188"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=638301","reference_id":"638301","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=638301"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132111?format=json","purl":"pkg:deb/debian/tiff@3.9.4-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-3087"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d187-r77e-8bhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4745?format=json","vulnerability_id":"VCID-d1v8-kg4j-ayek","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3624.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3624.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3624","reference_id":"","reference_type":"","scores":[{"value":"0.01325","scoring_system":"epss","scoring_elements":"0.80247","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325090","reference_id":"1325090","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325090"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3624"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d1v8-kg4j-ayek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74631?format=json","vulnerability_id":"VCID-d4hm-me5r-g7ck","summary":"libtiff: Libtiff Write-What-Where","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9900.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9900.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392784","reference_id":"2392784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17651","reference_id":"RHSA-2025:17651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17651"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17675","reference_id":"RHSA-2025:17675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17710","reference_id":"RHSA-2025:17710","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17710"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17738","reference_id":"RHSA-2025:17738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17739","reference_id":"RHSA-2025:17739","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17740","reference_id":"RHSA-2025:17740","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:17740"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19113","reference_id":"RHSA-2025:19113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19156","reference_id":"RHSA-2025:19156","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19156"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19276","reference_id":"RHSA-2025:19276","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19276"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19906","reference_id":"RHSA-2025:19906","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19906"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19947","reference_id":"RHSA-2025:19947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20956","reference_id":"RHSA-2025:20956","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20956"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20998","reference_id":"RHSA-2025:20998","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20998"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21060","reference_id":"RHSA-2025:21060","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21060"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21061","reference_id":"RHSA-2025:21061","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21061"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21062","reference_id":"RHSA-2025:21062","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21062"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21407","reference_id":"RHSA-2025:21407","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21407"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21506","reference_id":"RHSA-2025:21506","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21506"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21507","reference_id":"RHSA-2025:21507","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21507"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21508","reference_id":"RHSA-2025:21508","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21508"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21994","reference_id":"RHSA-2025:21994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23078","reference_id":"RHSA-2025:23078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23079","reference_id":"RHSA-2025:23079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23080","reference_id":"RHSA-2025:23080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0001","reference_id":"RHSA-2026:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0076","reference_id":"RHSA-2026:0076","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0076"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0077","reference_id":"RHSA-2026:0077","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0078","reference_id":"RHSA-2026:0078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7504","reference_id":"RHSA-2026:7504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7504"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132437?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132443?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132439?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132441?format=json","purl":"pkg:deb/debian/tiff@4.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2025-9900"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d4hm-me5r-g7ck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46898?format=json","vulnerability_id":"VCID-d93s-emc6-ayae","summary":"Out-of-bounds Write\nA segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52356.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-52356.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251344","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2251344"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/622","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/622"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/546","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/546"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061524","reference_id":"1061524","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061524"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-52356","reference_id":"CVE-2023-52356","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-52356"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52356","reference_id":"CVE-2023-52356","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5079","reference_id":"RHSA-2024:5079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20801","reference_id":"RHSA-2025:20801","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20801"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21994","reference_id":"RHSA-2025:21994","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23078","reference_id":"RHSA-2025:23078","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23078"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23079","reference_id":"RHSA-2025:23079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23079"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23080","reference_id":"RHSA-2025:23080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16174","reference_id":"RHSA-2026:16174","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3461","reference_id":"RHSA-2026:3461","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3461"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3462","reference_id":"RHSA-2026:3462","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3462"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5958","reference_id":"RHSA-2026:5958","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7081","reference_id":"RHSA-2026:7081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7081"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7304","reference_id":"RHSA-2026:7304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7335","reference_id":"RHSA-2026:7335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8746","reference_id":"RHSA-2026:8746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8747","reference_id":"RHSA-2026:8747","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8747"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8748","reference_id":"RHSA-2026:8748","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8748"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132423?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132422?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132435?format=json","purl":"pkg:deb/debian/tiff@4.5.1%2Bgit230720-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1%252Bgit230720-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-52356"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d93s-emc6-ayae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4733?format=json","vulnerability_id":"VCID-dbtw-xgms-g7a1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5315.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5315.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5315","reference_id":"","reference_type":"","scores":[{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38849","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346694","reference_id":"1346694","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346694"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830700","reference_id":"830700","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830700"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132250?format=json","purl":"pkg:deb/debian/tiff@4.0.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5315"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dbtw-xgms-g7a1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45398?format=json","vulnerability_id":"VCID-dgyb-2jpx-7ber","summary":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')\nlibtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25434.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25434","reference_id":"","reference_type":"","scores":[{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46689","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25434"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/519","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/519"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215209","reference_id":"2215209","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215209"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25434","reference_id":"CVE-2023-25434","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25434"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-25434"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dgyb-2jpx-7ber"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102773?format=json","vulnerability_id":"VCID-dh4d-qkhm-pkha","summary":"An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. A crafted TIFF document can lead to a type confusion vulnerability resulting in remote code execution. This vulnerability can be triggered via a TIFF file delivered to the application using LibTIFF's tag extension functionality.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8331.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8331.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8331","reference_id":"","reference_type":"","scores":[{"value":"0.06223","scoring_system":"epss","scoring_elements":"0.91039","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8331"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389229","reference_id":"1389229","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389229"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-8331"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dh4d-qkhm-pkha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4750?format=json","vulnerability_id":"VCID-dyvz-88n7-aug5","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3619.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3619.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3619","reference_id":"","reference_type":"","scores":[{"value":"0.00955","scoring_system":"epss","scoring_elements":"0.76778","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3619"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3619","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3619"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1316569","reference_id":"1316569","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1316569"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820362","reference_id":"820362","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820362"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3619"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyvz-88n7-aug5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102790?format=json","vulnerability_id":"VCID-e2f7-aptp-8fdu","summary":"tif_dirread.c in LibTIFF 4.0.7 might allow remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7598.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7598.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7598","reference_id":"","reference_type":"","scores":[{"value":"0.00544","scoring_system":"epss","scoring_elements":"0.68106","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7598"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441254","reference_id":"1441254","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441254"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7598"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2f7-aptp-8fdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102746?format=json","vulnerability_id":"VCID-e2fw-bbeg-3qby","summary":"Stack-based buffer overflow in the t2p_write_pdf_page function in tiff2pdf in libtiff before 4.0.3 allows remote attackers to cause a denial of service (application crash) via a crafted image length and resolution in a TIFF image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1961.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1961.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1961","reference_id":"","reference_type":"","scores":[{"value":"0.01867","scoring_system":"epss","scoring_elements":"0.83439","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1961"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706674","reference_id":"706674","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706674"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=952131","reference_id":"952131","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=952131"},{"reference_url":"https://security.gentoo.org/glsa/201402-21","reference_id":"GLSA-201402-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0222","reference_id":"RHSA-2014:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0223","reference_id":"RHSA-2014:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132147?format=json","purl":"pkg:deb/debian/tiff@4.0.2-6%2Bnmu1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.2-6%252Bnmu1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2013-1961"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e2fw-bbeg-3qby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4709?format=json","vulnerability_id":"VCID-eane-ev3e-93d3","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9540.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9540.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9540","reference_id":"","reference_type":"","scores":[{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62196","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397768","reference_id":"1397768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397768"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9540"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eane-ev3e-93d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4729?format=json","vulnerability_id":"VCID-eaxr-tudk-jfff","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5319.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5319.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5319","reference_id":"","reference_type":"","scores":[{"value":"0.00877","scoring_system":"epss","scoring_elements":"0.75654","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5319"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5319","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5319"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1344069","reference_id":"1344069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1344069"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842046","reference_id":"842046","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842046"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5319"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eaxr-tudk-jfff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102789?format=json","vulnerability_id":"VCID-ebpy-1xg8-kfhm","summary":"tif_dirread.c in LibTIFF 4.0.7 has an \"outside the range of representable values of type float\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7597.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7597.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7597","reference_id":"","reference_type":"","scores":[{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43368","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7597"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441252","reference_id":"1441252","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441252"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7597"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebpy-1xg8-kfhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6206?format=json","vulnerability_id":"VCID-ehrs-qbcg-z3e1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5784.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5784","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59059","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537740","reference_id":"1537740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537740"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890441","reference_id":"890441","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890441"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"},{"reference_url":"https://security.archlinux.org/AVG-813","reference_id":"AVG-813","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-813"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132391?format=json","purl":"pkg:deb/debian/tiff@4.0.9-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-5784"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ehrs-qbcg-z3e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4742?format=json","vulnerability_id":"VCID-enmp-vfzt-ubdn","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3632.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3632.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3632","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66912","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325095","reference_id":"1325095","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325095"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3632"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enmp-vfzt-ubdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4740?format=json","vulnerability_id":"VCID-evq9-mjww-1qdk","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3634.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3634.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3634","reference_id":"","reference_type":"","scores":[{"value":"0.00693","scoring_system":"epss","scoring_elements":"0.72246","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3634"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326267","reference_id":"1326267","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326267"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3634"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evq9-mjww-1qdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4751?format=json","vulnerability_id":"VCID-eys7-uqtb-k3hf","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3186.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3186.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3186","reference_id":"","reference_type":"","scores":[{"value":"0.00733","scoring_system":"epss","scoring_elements":"0.73111","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3186"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3186"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1319666","reference_id":"1319666","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1319666"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819972","reference_id":"819972","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819972"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3186"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eys7-uqtb-k3hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45231?format=json","vulnerability_id":"VCID-f1xy-5b5z-2ke7","summary":"NULL Pointer Dereference\nA NULL pointer dereference flaw was found in Libtiff's LZWDecode() function in the libtiff/tif_lzw.c file. This flaw allows a local attacker to craft specific input data that can cause the program to dereference a NULL pointer when decompressing a TIFF format file, resulting in a program crash or denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2731.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2731.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2207635","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2207635"},{"reference_url":"https://github.com/libsdl-org/libtiff/commit/9be22b639ea69e102d3847dca4c53ef025e9527b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libsdl-org/libtiff/commit/9be22b639ea69e102d3847dca4c53ef025e9527b"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/548","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/548"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036282","reference_id":"1036282","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036282"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-2731","reference_id":"CVE-2023-2731","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-2731"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2731","reference_id":"CVE-2023-2731","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-2731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6575","reference_id":"RHSA-2023:6575","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6575"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132115?format=json","purl":"pkg:deb/debian/tiff@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132431?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-2731"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f1xy-5b5z-2ke7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4711?format=json","vulnerability_id":"VCID-f79u-ccnn-fkb2","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9538.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9538.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9538","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62059","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397765","reference_id":"1397765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397765"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9538"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f79u-ccnn-fkb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102768?format=json","vulnerability_id":"VCID-f9ny-geg2-ebdy","summary":"LibTIFF 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6 and 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 512\" and libtiff/tif_unix.c:340:2.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10269.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10269.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10269","reference_id":"","reference_type":"","scores":[{"value":"0.0066","scoring_system":"epss","scoring_elements":"0.71479","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438443","reference_id":"1438443","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438443"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132201?format=json","purl":"pkg:deb/debian/tiff@4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10269"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f9ny-geg2-ebdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102747?format=json","vulnerability_id":"VCID-faz2-7zdq-w3fb","summary":"Multiple buffer overflows in libtiff before 4.0.3 allow remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) extension block in a GIF image or (2) GIF raster image to tools/gif2tiff.c or (3) a long filename for a TIFF image to tools/rgb2ycbcr.c.  NOTE: vectors 1 and 3 are disputed by Red Hat, which states that the input cannot exceed the allocated buffer size.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4231.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4231","reference_id":"","reference_type":"","scores":[{"value":"0.18385","scoring_system":"epss","scoring_elements":"0.95353","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719303","reference_id":"719303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719303"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=995965","reference_id":"995965","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=995965"},{"reference_url":"https://security.gentoo.org/glsa/201402-21","reference_id":"GLSA-201402-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0222","reference_id":"RHSA-2014:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0223","reference_id":"RHSA-2014:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132152?format=json","purl":"pkg:deb/debian/tiff@4.0.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2013-4231"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-faz2-7zdq-w3fb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102786?format=json","vulnerability_id":"VCID-ffbw-vews-n7h3","summary":"The OJPEGReadHeaderInfoSecTablesDcTable function in tif_ojpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (memory leak) via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7594.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7594.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7594","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48817","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7594"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441247","reference_id":"1441247","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441247"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860001","reference_id":"860001","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860001"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7594"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ffbw-vews-n7h3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46140?format=json","vulnerability_id":"VCID-fm7d-pca1-hkeh","summary":"Integer Overflow or Wraparound\nA vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41175.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-41175.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235264","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235264"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-41175","reference_id":"CVE-2023-41175","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-41175"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41175","reference_id":"CVE-2023-41175","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-41175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2289","reference_id":"RHSA-2024:2289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2289"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132433?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132434?format=json","purl":"pkg:deb/debian/tiff@4.5.1%2Bgit230720-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1%252Bgit230720-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-41175"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fm7d-pca1-hkeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3323?format=json","vulnerability_id":"VCID-fmgr-9d3k-fycq","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1355.json","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1355.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1355","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22348","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1355"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011160","reference_id":"1011160","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1011160"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2074415","reference_id":"2074415","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2074415"},{"reference_url":"https://security.archlinux.org/AVG-2721","reference_id":"AVG-2721","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2721"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7585","reference_id":"RHSA-2022:7585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132404?format=json","purl":"pkg:deb/debian/tiff@4.3.0-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-1355"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fmgr-9d3k-fycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3171?format=json","vulnerability_id":"VCID-fn4f-qgf7-rudy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2057.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2057.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2057","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25821","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2057"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494","reference_id":"1014494","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103222","reference_id":"2103222","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103222"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0302","reference_id":"RHSA-2023:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132405?format=json","purl":"pkg:deb/debian/tiff@4.4.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2057"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fn4f-qgf7-rudy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3163?format=json","vulnerability_id":"VCID-fpbq-ppxw-f7c2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2953.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2953.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2953","reference_id":"","reference_type":"","scores":[{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04641","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2953"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670","reference_id":"1024670","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2134432","reference_id":"2134432","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2134432"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0302","reference_id":"RHSA-2023:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132407?format=json","purl":"pkg:deb/debian/tiff@4.4.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2953"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fpbq-ppxw-f7c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3170?format=json","vulnerability_id":"VCID-fqx5-v7z8-n7gz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2058.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2058.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2058","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25821","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2058"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494","reference_id":"1014494","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103222","reference_id":"2103222","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103222"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0302","reference_id":"RHSA-2023:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132405?format=json","purl":"pkg:deb/debian/tiff@4.4.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2058"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fqx5-v7z8-n7gz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3164?format=json","vulnerability_id":"VCID-fr9e-d4k4-qbeu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2869.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2869.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2869","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07336","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2869"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2118869","reference_id":"2118869","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2118869"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132401?format=json","purl":"pkg:deb/debian/tiff@4.4.0~rc1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0~rc1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2869"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fr9e-d4k4-qbeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102739?format=json","vulnerability_id":"VCID-fv9j-cd1t-jbd3","summary":"The t2p_read_tiff_init function in tiff2pdf (tools/tiff2pdf.c) in LibTIFF 4.0.2 and earlier does not properly initialize the T2P context struct pointer in certain error conditions, which allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3401.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3401.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3401","reference_id":"","reference_type":"","scores":[{"value":"0.00916","scoring_system":"epss","scoring_elements":"0.76295","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3401"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=682115","reference_id":"682115","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=682115"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=837577","reference_id":"837577","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=837577"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1590","reference_id":"RHSA-2012:1590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1590"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132136?format=json","purl":"pkg:deb/debian/tiff@4.0.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2012-3401"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fv9j-cd1t-jbd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3156?format=json","vulnerability_id":"VCID-g46h-2sqe-xkbk","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48281.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48281.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48281","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01343","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48281"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/d1b6b9c1b3cae2d9e37754506c1ad8f4f7b646b5"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/488","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/488"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00037.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00037.html"},{"reference_url":"https://www.debian.org/security/2023/dsa-5333","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2023/dsa-5333"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029653","reference_id":"1029653","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029653"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2163606","reference_id":"2163606","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2163606"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48281","reference_id":"CVE-2022-48281","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-48281"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3827","reference_id":"RHSA-2023:3827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3827"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132412?format=json","purl":"pkg:deb/debian/tiff@4.5.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-48281"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g46h-2sqe-xkbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69776?format=json","vulnerability_id":"VCID-g65z-w3mz-7qh4","summary":"tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0.1 and other products, has an integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image, related to a \"Negative-size-param\" condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17546.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17546.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17546","reference_id":"","reference_type":"","scores":[{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59332","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17546"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1765705","reference_id":"1765705","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1765705"},{"reference_url":"https://security.gentoo.org/glsa/202003-25","reference_id":"GLSA-202003-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3902","reference_id":"RHSA-2020:3902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4634","reference_id":"RHSA-2020:4634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4634"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132395?format=json","purl":"pkg:deb/debian/tiff@4.0.10%2Bgit190818-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10%252Bgit190818-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2019-17546"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g65z-w3mz-7qh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102817?format=json","vulnerability_id":"VCID-ggn4-tvmm-8baa","summary":"The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6128.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6128.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6128","reference_id":"","reference_type":"","scores":[{"value":"0.02335","scoring_system":"epss","scoring_elements":"0.85137","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6128"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1667122","reference_id":"1667122","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1667122"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921157","reference_id":"921157","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921157"},{"reference_url":"https://security.archlinux.org/ASA-201911-13","reference_id":"ASA-201911-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201911-13"},{"reference_url":"https://security.archlinux.org/AVG-886","reference_id":"AVG-886","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-886"},{"reference_url":"https://security.gentoo.org/glsa/202003-25","reference_id":"GLSA-202003-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132376?format=json","purl":"pkg:deb/debian/tiff@4.0.10-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2019-6128"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggn4-tvmm-8baa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4928?format=json","vulnerability_id":"VCID-gh3j-c1nj-sfby","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0562.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0562.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0562","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10645","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/build/omnibus-mirror/libtiff/-/commit/561599c99f987dc32ae110370cfdd7df7975586b"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/362","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/362"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2054495","reference_id":"2054495","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2054495"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0562","reference_id":"CVE-2022-0562","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0562"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json","reference_id":"CVE-2022-0562.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0562.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7585","reference_id":"RHSA-2022:7585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132398?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132397?format=json","purl":"pkg:deb/debian/tiff@4.3.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-0562"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gh3j-c1nj-sfby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102757?format=json","vulnerability_id":"VCID-gnkb-u976-3qaw","summary":"tif_luv.c in libtiff allows attackers to cause a denial of service (out-of-bounds write) via an invalid number of samples per pixel in a LogL compressed TIFF image, a different vulnerability than CVE-2015-8782.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8781.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8781.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8781","reference_id":"","reference_type":"","scores":[{"value":"0.01417","scoring_system":"epss","scoring_elements":"0.80906","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649","reference_id":"1301649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301649"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132101?format=json","purl":"pkg:deb/debian/tiff@4.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8781"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gnkb-u976-3qaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4732?format=json","vulnerability_id":"VCID-gpud-pv1v-67c1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5316.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5316.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5316","reference_id":"","reference_type":"","scores":[{"value":"0.00683","scoring_system":"epss","scoring_elements":"0.72044","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346690","reference_id":"1346690","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346690"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830700","reference_id":"830700","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830700"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132250?format=json","purl":"pkg:deb/debian/tiff@4.0.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5316"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gpud-pv1v-67c1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54150?format=json","vulnerability_id":"VCID-gpww-4m2k-57br","summary":"Integer Overflow or Wraparound\nAn integer overflow flaw was found in libtiff that exists in the `tif_getimage.c` file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35523.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35523.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35523","reference_id":"","reference_type":"","scores":[{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48649","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35523"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932040","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932040"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35523","reference_id":"CVE-2020-35523","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35523"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4241","reference_id":"RHSA-2021:4241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4241"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132396?format=json","purl":"pkg:deb/debian/tiff@4.1.0%2Bgit201212-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.1.0%252Bgit201212-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2020-35523"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gpww-4m2k-57br"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102765?format=json","vulnerability_id":"VCID-gqad-j76g-tyg5","summary":"LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10266.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10266.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10266","reference_id":"","reference_type":"","scores":[{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.5757","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10266"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438472","reference_id":"1438472","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438472"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132201?format=json","purl":"pkg:deb/debian/tiff@4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10266"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqad-j76g-tyg5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4755?format=json","vulnerability_id":"VCID-gr1x-z5t8-j3eh","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7313.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7313.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7313","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32379","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7313"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7313"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1265998","reference_id":"1265998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1265998"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800124","reference_id":"800124","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800124"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-7313"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gr1x-z5t8-j3eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102684?format=json","vulnerability_id":"VCID-gz4p-s7cb-5qd8","summary":"Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote attackers to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1307.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1307.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1307","reference_id":"","reference_type":"","scores":[{"value":"0.05111","scoring_system":"epss","scoring_elements":"0.90008","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1307"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617405","reference_id":"1617405","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:577","reference_id":"RHSA-2004:577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:577"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:021","reference_id":"RHSA-2005:021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:021"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132051?format=json","purl":"pkg:deb/debian/tiff@3.7.0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.7.0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2004-1307"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gz4p-s7cb-5qd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4720?format=json","vulnerability_id":"VCID-h17a-js2a-x7dh","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9297.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9297.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9297","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57876","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395264","reference_id":"1395264","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395264"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844226","reference_id":"844226","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844226"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9297"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h17a-js2a-x7dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102694?format=json","vulnerability_id":"VCID-h3w5-akuc-uucj","summary":"Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2025.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2025.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2025","reference_id":"","reference_type":"","scores":[{"value":"0.0744","scoring_system":"epss","scoring_elements":"0.91894","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2025"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618084","reference_id":"1618084","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618084"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27764.txt","reference_id":"CVE-2006-2025;OSVDB-25019","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27764.txt"},{"reference_url":"https://www.securityfocus.com/bid/17732/info","reference_id":"CVE-2006-2025;OSVDB-25019","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/17732/info"},{"reference_url":"https://security.gentoo.org/glsa/200605-17","reference_id":"GLSA-200605-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200605-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0425","reference_id":"RHSA-2006:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132057?format=json","purl":"pkg:deb/debian/tiff@3.8.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-2025"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h3w5-akuc-uucj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4718?format=json","vulnerability_id":"VCID-h9nx-bv3h-dyev","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9453.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9453.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9453","reference_id":"","reference_type":"","scores":[{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.53007","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397723","reference_id":"1397723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397723"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9453"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h9nx-bv3h-dyev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102751?format=json","vulnerability_id":"VCID-hac2-vcxa-cffp","summary":"LibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8128.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8128.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8128","reference_id":"","reference_type":"","scores":[{"value":"0.00994","scoring_system":"epss","scoring_elements":"0.77278","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185812","reference_id":"1185812","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185812"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185","reference_id":"776185","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132165?format=json","purl":"pkg:deb/debian/tiff@4.0.3-12.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-12.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2014-8128"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hac2-vcxa-cffp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4921?format=json","vulnerability_id":"VCID-hbjb-er6u-37dz","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22844.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-22844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22844","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19422","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-22844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/355","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/355"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/287","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/287"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2042603","reference_id":"2042603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2042603"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22844","reference_id":"CVE-2022-22844","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-22844"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7585","reference_id":"RHSA-2022:7585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132398?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132406?format=json","purl":"pkg:deb/debian/tiff@4.3.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-22844"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbjb-er6u-37dz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102726?format=json","vulnerability_id":"VCID-hcaj-3gt6-c7hg","summary":"LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows remote attackers to cause a denial of service via a crafted TIFF image, related to \"downsampled OJPEG input.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2598.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2598.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2598","reference_id":"","reference_type":"","scores":[{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.69398","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2598"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=610786","reference_id":"610786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=610786"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0520","reference_id":"RHSA-2010:0520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0520"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132081?format=json","purl":"pkg:deb/debian/tiff@3.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2598"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hcaj-3gt6-c7hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4715?format=json","vulnerability_id":"VCID-hep7-wa9u-ybbb","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9534.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9534.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9534","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63863","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397751","reference_id":"1397751","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397751"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9534"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hep7-wa9u-ybbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102718?format=json","vulnerability_id":"VCID-htg2-yp29-hban","summary":"Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF before 3.9.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long EXIF SubjectDistance field in a TIFF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2067.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2067.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2067","reference_id":"","reference_type":"","scores":[{"value":"0.028","scoring_system":"epss","scoring_elements":"0.86385","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2067"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=599576","reference_id":"599576","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=599576"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132081?format=json","purl":"pkg:deb/debian/tiff@3.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2067"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-htg2-yp29-hban"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102785?format=json","vulnerability_id":"VCID-hv4a-w9rs-4fg4","summary":"tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7593.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7593.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7593","reference_id":"","reference_type":"","scores":[{"value":"0.00227","scoring_system":"epss","scoring_elements":"0.45563","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441246","reference_id":"1441246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860000","reference_id":"860000","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860000"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7593"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hv4a-w9rs-4fg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46141?format=json","vulnerability_id":"VCID-hykv-yanw-1bf9","summary":"Integer Overflow or Wraparound\nLibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40745.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40745.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235265","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235265"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-40745","reference_id":"CVE-2023-40745","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-40745"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-40745","reference_id":"CVE-2023-40745","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-40745"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2289","reference_id":"RHSA-2024:2289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2289"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132433?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132434?format=json","purl":"pkg:deb/debian/tiff@4.5.1%2Bgit230720-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1%252Bgit230720-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-40745"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hykv-yanw-1bf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102724?format=json","vulnerability_id":"VCID-hzgv-brm9-akdh","summary":"The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image that triggers an array index error, related to \"downsampled OJPEG input.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2595.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2595.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2595","reference_id":"","reference_type":"","scores":[{"value":"0.01751","scoring_system":"epss","scoring_elements":"0.82908","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2595"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=610684","reference_id":"610684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=610684"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0519","reference_id":"RHSA-2010:0519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132098?format=json","purl":"pkg:deb/debian/tiff@3.9.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2595"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hzgv-brm9-akdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102748?format=json","vulnerability_id":"VCID-j7gx-b3sq-hqap","summary":"Use-after-free vulnerability in the t2p_readwrite_pdf_image function in tools/tiff2pdf.c in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted TIFF image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4232.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4232.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4232","reference_id":"","reference_type":"","scores":[{"value":"0.01331","scoring_system":"epss","scoring_elements":"0.80287","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719303","reference_id":"719303","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719303"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=995975","reference_id":"995975","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=995975"},{"reference_url":"https://security.gentoo.org/glsa/201402-21","reference_id":"GLSA-201402-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0222","reference_id":"RHSA-2014:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0223","reference_id":"RHSA-2014:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132152?format=json","purl":"pkg:deb/debian/tiff@4.0.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2013-4232"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j7gx-b3sq-hqap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4744?format=json","vulnerability_id":"VCID-j812-5e7u-77gj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3625.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3625.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3625","reference_id":"","reference_type":"","scores":[{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56915","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3625"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3625","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3625"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325091","reference_id":"1325091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325091"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132233?format=json","purl":"pkg:deb/debian/tiff@4.0.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3625"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j812-5e7u-77gj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4927?format=json","vulnerability_id":"VCID-jm7h-py2k-c7ha","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0865.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0865.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0865","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10773","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/385","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/385"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/306","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/306"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064406","reference_id":"2064406","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064406"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0865","reference_id":"CVE-2022-0865","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0865"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json","reference_id":"CVE-2022-0865.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0865.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7585","reference_id":"RHSA-2022:7585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132398?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132399?format=json","purl":"pkg:deb/debian/tiff@4.3.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-0865"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jm7h-py2k-c7ha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4741?format=json","vulnerability_id":"VCID-jpk4-8v2b-tkd3","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3633.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3633.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3633","reference_id":"","reference_type":"","scores":[{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.64076","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3633"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326255","reference_id":"1326255","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326255"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842046","reference_id":"842046","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842046"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3633"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jpk4-8v2b-tkd3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102725?format=json","vulnerability_id":"VCID-jpv7-hgwm-pyh9","summary":"The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash) via a crafted TIFF image, related to \"downsampled OJPEG input\" and possibly related to a compiler optimization that triggers a divide-by-zero error.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2597.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2597.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2597","reference_id":"","reference_type":"","scores":[{"value":"0.01438","scoring_system":"epss","scoring_elements":"0.81051","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2597"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=610776","reference_id":"610776","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=610776"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0519","reference_id":"RHSA-2010:0519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132098?format=json","purl":"pkg:deb/debian/tiff@3.9.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2597"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jpv7-hgwm-pyh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102699?format=json","vulnerability_id":"VCID-judu-wf4u-tkaw","summary":"The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service (crash) via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2120.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2120.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2120","reference_id":"","reference_type":"","scores":[{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55411","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2120"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618087","reference_id":"1618087","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618087"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366588","reference_id":"366588","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=366588"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0425","reference_id":"RHSA-2006:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0425"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132057?format=json","purl":"pkg:deb/debian/tiff@3.8.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-2120"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-judu-wf4u-tkaw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102816?format=json","vulnerability_id":"VCID-k4db-v3dj-wbaa","summary":"_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through 4.0.10 mishandle Integer Overflow checks because they rely on compiler behavior that is undefined by the applicable C standards. This can, for example, lead to an application crash.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14973.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14973.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14973","reference_id":"","reference_type":"","scores":[{"value":"0.0313","scoring_system":"epss","scoring_elements":"0.87103","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-14973"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1745951","reference_id":"1745951","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1745951"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934780","reference_id":"934780","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1688","reference_id":"RHSA-2020:1688","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1688"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3902","reference_id":"RHSA-2020:3902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132394?format=json","purl":"pkg:deb/debian/tiff@4.0.10%2Bgit190814-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10%252Bgit190814-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2019-14973"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4db-v3dj-wbaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4713?format=json","vulnerability_id":"VCID-k5c9-5xnv-57f7","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9536.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9536","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62059","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397758","reference_id":"1397758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397758"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9536"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k5c9-5xnv-57f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102782?format=json","vulnerability_id":"VCID-kaj7-scpx-87dc","summary":"LibTIFF version 4.0.7 is vulnerable to a heap buffer overflow in the tools/tiffcp resulting in DoS or code execution via a crafted BitsPerSample value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5225.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5225.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5225","reference_id":"","reference_type":"","scores":[{"value":"0.00724","scoring_system":"epss","scoring_elements":"0.72921","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5225"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1412716","reference_id":"1412716","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1412716"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851297","reference_id":"851297","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851297"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132335?format=json","purl":"pkg:deb/debian/tiff@4.0.7-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-5225"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kaj7-scpx-87dc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102721?format=json","vulnerability_id":"VCID-kc84-s4s8-t3d2","summary":"The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted TIFF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2481.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2481.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2481","reference_id":"","reference_type":"","scores":[{"value":"0.01608","scoring_system":"epss","scoring_elements":"0.82086","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2481"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=611895","reference_id":"611895","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=611895"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0519","reference_id":"RHSA-2010:0519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132081?format=json","purl":"pkg:deb/debian/tiff@3.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2481"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kc84-s4s8-t3d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3172?format=json","vulnerability_id":"VCID-kgbx-td11-53cs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2056.json","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2056.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2056","reference_id":"","reference_type":"","scores":[{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25821","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2056"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494","reference_id":"1014494","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014494"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103222","reference_id":"2103222","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103222"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0302","reference_id":"RHSA-2023:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132405?format=json","purl":"pkg:deb/debian/tiff@4.4.0-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2056"],"risk_score":2.3,"exploitability":"0.5","weighted_severity":"4.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kgbx-td11-53cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102701?format=json","vulnerability_id":"VCID-kr2g-6vsv-dqdu","summary":"Buffer overflow in the t2p_write_pdf_string function in tiff2pdf in libtiff 3.8.2 and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a TIFF file with a DocumentName tag that contains UTF-8 characters, which triggers the overflow when a character is sign extended to an integer that produces more digits than expected in an sprintf call.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2193.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2193.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2193","reference_id":"","reference_type":"","scores":[{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.7093","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2193"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=194362","reference_id":"194362","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=194362"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=371064","reference_id":"371064","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=371064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0848","reference_id":"RHSA-2008:0848","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0848"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132058?format=json","purl":"pkg:deb/debian/tiff@3.8.2-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-2193"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kr2g-6vsv-dqdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4754?format=json","vulnerability_id":"VCID-kucf-4yqt-3fbg","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8665.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8665.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8665","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43224","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294444","reference_id":"1294444","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294444"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808968","reference_id":"808968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808968"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132101?format=json","purl":"pkg:deb/debian/tiff@4.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8665"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kucf-4yqt-3fbg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3158?format=json","vulnerability_id":"VCID-kv51-zgyb-fffy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3627.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3627.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3627","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08573","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3627"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555","reference_id":"1022555","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142742","reference_id":"2142742","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142742"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2883","reference_id":"RHSA-2023:2883","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2883"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132409?format=json","purl":"pkg:deb/debian/tiff@4.4.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-3627"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kv51-zgyb-fffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102683?format=json","vulnerability_id":"VCID-kzzk-fz6p-9ffd","summary":"Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1183.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1183.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1183","reference_id":"","reference_type":"","scores":[{"value":"0.02991","scoring_system":"epss","scoring_elements":"0.86805","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1183"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617390","reference_id":"1617390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:019","reference_id":"RHSA-2005:019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:035","reference_id":"RHSA-2005:035","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:035"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132050?format=json","purl":"pkg:deb/debian/tiff@3.6.1-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.6.1-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2004-1183"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kzzk-fz6p-9ffd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102753?format=json","vulnerability_id":"VCID-m2ga-kxun-8qf3","summary":"Integer overflow in tif_packbits.c in bmp2tif in libtiff 4.0.3 allows remote attackers to cause a denial of service (crash) via crafted BMP image, related to dimensions, which triggers an out-of-bounds read.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9330.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9330","reference_id":"","reference_type":"","scores":[{"value":"0.01351","scoring_system":"epss","scoring_elements":"0.80431","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1177893","reference_id":"1177893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1177893"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773987","reference_id":"773987","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773987"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132173?format=json","purl":"pkg:deb/debian/tiff@4.0.3-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2014-9330"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m2ga-kxun-8qf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4753?format=json","vulnerability_id":"VCID-ma1y-1jua-3bhz","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8668.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8668.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8668","reference_id":"","reference_type":"","scores":[{"value":"0.0671","scoring_system":"epss","scoring_elements":"0.91416","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8668"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294425","reference_id":"1294425","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1294425"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842046","reference_id":"842046","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842046"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8668"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ma1y-1jua-3bhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54145?format=json","vulnerability_id":"VCID-mg3n-auw4-r7aa","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nA flaw was found in libtiff. Due to a memory allocation failure in `tif_read.c`, a crafted TIFF file can lead to an abort, resulting in denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35521.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35521.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35521","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22325","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35521"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932034","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932034"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35521","reference_id":"CVE-2020-35521","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4241","reference_id":"RHSA-2021:4241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4241"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132396?format=json","purl":"pkg:deb/debian/tiff@4.1.0%2Bgit201212-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.1.0%252Bgit201212-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2020-35521"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mg3n-auw4-r7aa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102780?format=json","vulnerability_id":"VCID-mhv7-ssh3-dfbr","summary":"tools/pal2rgb.c in pal2rgb in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (TIFFSetupStrips heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17095.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17095.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17095","reference_id":"","reference_type":"","scores":[{"value":"0.04367","scoring_system":"epss","scoring_elements":"0.89143","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17095"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524284","reference_id":"1524284","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1524284"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883320","reference_id":"883320","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883320"},{"reference_url":"http://bugzilla.maptools.org/show_bug.cgi?id=2750","reference_id":"CVE-2017-17095","reference_type":"exploit","scores":[],"url":"http://bugzilla.maptools.org/show_bug.cgi?id=2750"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/43322.txt","reference_id":"CVE-2017-17095","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/43322.txt"},{"reference_url":"https://security.gentoo.org/glsa/202003-25","reference_id":"GLSA-202003-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6575","reference_id":"RHSA-2023:6575","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6575"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:4658","reference_id":"RHSA-2025:4658","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:4658"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132317?format=json","purl":"pkg:deb/debian/tiff@4.0.9-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-17095"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhv7-ssh3-dfbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45637?format=json","vulnerability_id":"VCID-mn3y-yrxt-jkgx","summary":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')\nA flaw was found in libtiff. A specially crafted tiff file can lead to a segmentation fault due to a buffer overflow in the Fax3Encode function in libtiff/tif_fax3.c, resulting in a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3618.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3618.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215865","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215865"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/8a4f6b587be4fa7bb39fe17f5f9dec52182ab26e","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/8a4f6b587be4fa7bb39fe17f5f9dec52182ab26e"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040945","reference_id":"1040945","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040945"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-3618","reference_id":"CVE-2023-3618","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-3618"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3618","reference_id":"CVE-2023-3618","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3618"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2289","reference_id":"RHSA-2024:2289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2289"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132423?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132422?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132424?format=json","purl":"pkg:deb/debian/tiff@4.5.1~rc3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1~rc3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-3618"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mn3y-yrxt-jkgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102815?format=json","vulnerability_id":"VCID-mn4b-21cd-k3eh","summary":"LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5360.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5360.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5360","reference_id":"","reference_type":"","scores":[{"value":"0.00456","scoring_system":"epss","scoring_elements":"0.64219","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5360"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535494","reference_id":"1535494","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535494"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-5360"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mn4b-21cd-k3eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102723?format=json","vulnerability_id":"VCID-mn52-n2fv-hfds","summary":"The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPerPixel and Photometric values.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2483.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2483.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2483","reference_id":"","reference_type":"","scores":[{"value":"0.01269","scoring_system":"epss","scoring_elements":"0.79827","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2483"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=611900","reference_id":"611900","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=611900"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0519","reference_id":"RHSA-2010:0519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0519"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132096?format=json","purl":"pkg:deb/debian/tiff@3.9.4-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2483"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mn52-n2fv-hfds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102697?format=json","vulnerability_id":"VCID-mp1n-rysy-5yeu","summary":"Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to \"setfield/getfield methods in cleanup functions.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2026.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2026.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2026","reference_id":"","reference_type":"","scores":[{"value":"0.10273","scoring_system":"epss","scoring_elements":"0.93299","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2026"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618085","reference_id":"1618085","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618085"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27765.txt","reference_id":"CVE-2006-2026;OSVDB-25020","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27765.txt"},{"reference_url":"https://www.securityfocus.com/bid/17733/info","reference_id":"CVE-2006-2026;OSVDB-25020","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/17733/info"},{"reference_url":"https://security.gentoo.org/glsa/200605-17","reference_id":"GLSA-200605-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200605-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0425","reference_id":"RHSA-2006:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132057?format=json","purl":"pkg:deb/debian/tiff@3.8.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-2026"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mp1n-rysy-5yeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102728?format=json","vulnerability_id":"VCID-mx92-rrxt-4qgs","summary":"The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-specific tags that have an out-of-order position in a TIFF file, which allows remote attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2010-2481.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2630.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2630.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2630","reference_id":"","reference_type":"","scores":[{"value":"0.03939","scoring_system":"epss","scoring_elements":"0.88546","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2630"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=611886","reference_id":"611886","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=611886"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34278.txt","reference_id":"CVE-2010-2630;OSVDB-66089","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/34278.txt"},{"reference_url":"https://www.securityfocus.com/bid/41475/info","reference_id":"CVE-2010-2630;OSVDB-66089","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/41475/info"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132098?format=json","purl":"pkg:deb/debian/tiff@3.9.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2630"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mx92-rrxt-4qgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102772?format=json","vulnerability_id":"VCID-mzhm-ecrs-aqaq","summary":"The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10371.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10371.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10371","reference_id":"","reference_type":"","scores":[{"value":"0.00482","scoring_system":"epss","scoring_elements":"0.65517","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10371"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1449534","reference_id":"1449534","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1449534"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862929","reference_id":"862929","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862929"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132185?format=json","purl":"pkg:deb/debian/tiff@4.0.7-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10371"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzhm-ecrs-aqaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4730?format=json","vulnerability_id":"VCID-n1yd-y1ur-cqgx","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5318.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5318.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5318","reference_id":"","reference_type":"","scores":[{"value":"0.01036","scoring_system":"epss","scoring_elements":"0.77728","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5318"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5318"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1344068","reference_id":"1344068","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1344068"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5318"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n1yd-y1ur-cqgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44435?format=json","vulnerability_id":"VCID-n6xy-jdpr-tfbq","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0795.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0795.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0795","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02067","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0795"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/493","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/493"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170119","reference_id":"2170119","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170119"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0795","reference_id":"CVE-2023-0795","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0795"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0795.json","reference_id":"CVE-2023-0795.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0795.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0795"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6xy-jdpr-tfbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54148?format=json","vulnerability_id":"VCID-ndga-7wj3-xfc8","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nIn LibTIFF, there is a memory malloc failure in `tif_pixarlog.c`. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35522.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35522.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35522","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.134","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35522"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932037","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932037"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35522","reference_id":"CVE-2020-35522","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35522"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4241","reference_id":"RHSA-2021:4241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4241"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132396?format=json","purl":"pkg:deb/debian/tiff@4.1.0%2Bgit201212-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.1.0%252Bgit201212-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2020-35522"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ndga-7wj3-xfc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102760?format=json","vulnerability_id":"VCID-nezb-t4bq-jbav","summary":"The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image, as demonstrated by libtiff5.tif.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8784.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8784","reference_id":"","reference_type":"","scores":[{"value":"0.00896","scoring_system":"epss","scoring_elements":"0.75993","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301652","reference_id":"1301652","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1301652"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132101?format=json","purl":"pkg:deb/debian/tiff@4.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8784"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nezb-t4bq-jbav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46132?format=json","vulnerability_id":"VCID-nhb2-strk-c7df","summary":"Missing Release of Memory after Effective Lifetime\nA memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an application crash, eventually leading to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3576.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3576.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219340","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2219340"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-3576","reference_id":"CVE-2023-3576","reference_type":"","scores":[],"url":"https://access.redhat.com/security/cve/CVE-2023-3576"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3576","reference_id":"CVE-2023-3576","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3576"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6575","reference_id":"RHSA-2023:6575","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6575"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132433?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132424?format=json","purl":"pkg:deb/debian/tiff@4.5.1~rc3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1~rc3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-3576"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nhb2-strk-c7df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102713?format=json","vulnerability_id":"VCID-np9z-tebu-ckb1","summary":"Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2285.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2285.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2285","reference_id":"","reference_type":"","scores":[{"value":"0.16784","scoring_system":"epss","scoring_elements":"0.9507","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2285"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=507465","reference_id":"507465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=507465"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534137","reference_id":"534137","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534137"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33049.txt","reference_id":"CVE-2009-2285;OSVDB-55265","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/33049.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/10205.txt","reference_id":"CVE-2009-2285;OSVDB-55265","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/10205.txt"},{"reference_url":"https://www.securityfocus.com/bid/35451/info","reference_id":"CVE-2009-2285;OSVDB-55265","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/35451/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1159","reference_id":"RHSA-2009:1159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1159"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132073?format=json","purl":"pkg:deb/debian/tiff@3.8.2-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2009-2285"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-np9z-tebu-ckb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4929?format=json","vulnerability_id":"VCID-nrc9-7pss-6bgh","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0561.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0561.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0561","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18677","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/freedesktop-sdk/mirrors/gitlab/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/362","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/362"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2054494","reference_id":"2054494","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2054494"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0561","reference_id":"CVE-2022-0561","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0561"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json","reference_id":"CVE-2022-0561.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0561.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7585","reference_id":"RHSA-2022:7585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132398?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132397?format=json","purl":"pkg:deb/debian/tiff@4.3.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-0561"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nrc9-7pss-6bgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3324?format=json","vulnerability_id":"VCID-ns8v-m9be-pkfx","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1354.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1354.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1354","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1952","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1354"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2074404","reference_id":"2074404","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2074404"},{"reference_url":"https://security.archlinux.org/AVG-2721","reference_id":"AVG-2721","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2721"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132402?format=json","purl":"pkg:deb/debian/tiff@4.3.0-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-1354"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ns8v-m9be-pkfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4710?format=json","vulnerability_id":"VCID-nubb-rk2q-z3de","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9539.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9539","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62059","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9539"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397767","reference_id":"1397767","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397767"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9539"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nubb-rk2q-z3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6223?format=json","vulnerability_id":"VCID-nvzg-8vh5-m3fy","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11613.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11613.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11613","reference_id":"","reference_type":"","scores":[{"value":"0.00548","scoring_system":"epss","scoring_elements":"0.68261","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475530","reference_id":"1475530","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1475530"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869823","reference_id":"869823","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869823"},{"reference_url":"https://security.archlinux.org/ASA-201811-17","reference_id":"ASA-201811-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-17"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-790","reference_id":"AVG-790","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-790"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132317?format=json","purl":"pkg:deb/debian/tiff@4.0.9-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-11613"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nvzg-8vh5-m3fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102798?format=json","vulnerability_id":"VCID-nxqc-thj2-ruer","summary":"In LibTIFF 4.0.7, a memory leak vulnerability was found in the function OJPEGReadHeaderInfoSecTablesQTable in tif_ojpeg.c, which allows attackers to cause a denial of service via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9404.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9404.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9404","reference_id":"","reference_type":"","scores":[{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66827","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9404"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458904","reference_id":"1458904","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458904"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132361?format=json","purl":"pkg:deb/debian/tiff@4.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-9404"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nxqc-thj2-ruer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102744?format=json","vulnerability_id":"VCID-p4dr-ub7s-3ybv","summary":"Heap-based buffer overflow in the t2p_process_jpeg_strip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1960.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1960.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1960","reference_id":"","reference_type":"","scores":[{"value":"0.04531","scoring_system":"epss","scoring_elements":"0.89353","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1961"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706675","reference_id":"706675","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=706675"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=952158","reference_id":"952158","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=952158"},{"reference_url":"https://security.gentoo.org/glsa/201402-21","reference_id":"GLSA-201402-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0222","reference_id":"RHSA-2014:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0223","reference_id":"RHSA-2014:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132147?format=json","purl":"pkg:deb/debian/tiff@4.0.2-6%2Bnmu1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.2-6%252Bnmu1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2013-1960"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p4dr-ub7s-3ybv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102812?format=json","vulnerability_id":"VCID-pf7r-7sdb-ayfk","summary":"An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17101.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17101.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17101","reference_id":"","reference_type":"","scores":[{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.67922","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17101"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631078","reference_id":"1631078","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631078"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909037","reference_id":"909037","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132379?format=json","purl":"pkg:deb/debian/tiff@4.0.9%2Bgit181026-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9%252Bgit181026-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17101"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pf7r-7sdb-ayfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102820?format=json","vulnerability_id":"VCID-pfnv-dcqt-vygm","summary":"Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the \"invertImage()\" function in the component \"tiffcrop\".","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19131.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19131.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-19131","reference_id":"","reference_type":"","scores":[{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68311","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-19131"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2004031","reference_id":"2004031","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2004031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1810","reference_id":"RHSA-2022:1810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1810"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132394?format=json","purl":"pkg:deb/debian/tiff@4.0.10%2Bgit190814-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10%252Bgit190814-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2020-19131"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pfnv-dcqt-vygm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4743?format=json","vulnerability_id":"VCID-ph5n-1uzy-fffc","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3631.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3631.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3631","reference_id":"","reference_type":"","scores":[{"value":"0.0079","scoring_system":"epss","scoring_elements":"0.74243","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3631","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3631"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1316872","reference_id":"1316872","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1316872"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820366","reference_id":"820366","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820366"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3631"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ph5n-1uzy-fffc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4727?format=json","vulnerability_id":"VCID-png5-4eam-k7e2","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5321.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5321.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5321","reference_id":"","reference_type":"","scores":[{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48295","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346695","reference_id":"1346695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346695"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132250?format=json","purl":"pkg:deb/debian/tiff@4.0.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5321"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-png5-4eam-k7e2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44439?format=json","vulnerability_id":"VCID-pnp2-whuf-w3d7","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0804.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0804","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.05187","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0804"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/497","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/497"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170192","reference_id":"2170192","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170192"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0804","reference_id":"CVE-2023-0804","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0804"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0804.json","reference_id":"CVE-2023-0804.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0804.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5353","reference_id":"RHSA-2023:5353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5353"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0804"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pnp2-whuf-w3d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102775?format=json","vulnerability_id":"VCID-pxh4-v8pd-zbdg","summary":"There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11335.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11335.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11335","reference_id":"","reference_type":"","scores":[{"value":"0.01374","scoring_system":"epss","scoring_elements":"0.80576","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11335"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1474356","reference_id":"1474356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1474356"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868513","reference_id":"868513","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=868513"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132314?format=json","purl":"pkg:deb/debian/tiff@4.0.8-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-11335"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pxh4-v8pd-zbdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102711?format=json","vulnerability_id":"VCID-q1qd-rz22-6bce","summary":"Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3465.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3465.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3465","reference_id":"","reference_type":"","scores":[{"value":"0.14381","scoring_system":"epss","scoring_elements":"0.94544","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3465"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111","reference_id":"199111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111"},{"reference_url":"https://security.gentoo.org/glsa/200608-07","reference_id":"GLSA-200608-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0603","reference_id":"RHSA-2006:0603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132060?format=json","purl":"pkg:deb/debian/tiff@3.8.2-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-3465"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q1qd-rz22-6bce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45374?format=json","vulnerability_id":"VCID-q39u-5dd6-qyd2","summary":"Out-of-bounds Write\nloadImage() in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based use after free via a crafted TIFF image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26965.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26965.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26965","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0087","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26965"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/472","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/472"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215206","reference_id":"2215206","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2215206"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-26965","reference_id":"CVE-2023-26965","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-26965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6575","reference_id":"RHSA-2023:6575","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6575"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132423?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132422?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132424?format=json","purl":"pkg:deb/debian/tiff@4.5.1~rc3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1~rc3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-26965"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q39u-5dd6-qyd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54146?format=json","vulnerability_id":"VCID-q4z8-y3dw-rfbc","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nA heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35524.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35524","reference_id":"","reference_type":"","scores":[{"value":"0.0048","scoring_system":"epss","scoring_elements":"0.65421","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35524"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932044","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1932044"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35524","reference_id":"CVE-2020-35524","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35524"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4241","reference_id":"RHSA-2021:4241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4241"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132396?format=json","purl":"pkg:deb/debian/tiff@4.1.0%2Bgit201212-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.1.0%252Bgit201212-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2020-35524"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q4z8-y3dw-rfbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102752?format=json","vulnerability_id":"VCID-q5g6-aa65-1yb1","summary":"LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8129.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8129.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8129","reference_id":"","reference_type":"","scores":[{"value":"0.01462","scoring_system":"epss","scoring_elements":"0.81203","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185815","reference_id":"1185815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185815"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185","reference_id":"776185","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132168?format=json","purl":"pkg:deb/debian/tiff@4.0.3-12.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-12.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2014-8129"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5g6-aa65-1yb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3169?format=json","vulnerability_id":"VCID-q9xq-fn2h-uqf2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2519.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2519","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31165","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2519"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670","reference_id":"1024670","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122789","reference_id":"2122789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122789"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0095","reference_id":"RHSA-2023:0095","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0302","reference_id":"RHSA-2023:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0302"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132407?format=json","purl":"pkg:deb/debian/tiff@4.4.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2519"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q9xq-fn2h-uqf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102756?format=json","vulnerability_id":"VCID-qbnq-5kfz-pbez","summary":"The NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff5.tif.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1547.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1547.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1547","reference_id":"","reference_type":"","scores":[{"value":"0.0445","scoring_system":"epss","scoring_elements":"0.89252","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190709","reference_id":"1190709","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190709"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777390","reference_id":"777390","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132168?format=json","purl":"pkg:deb/debian/tiff@4.0.3-12.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-12.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-1547"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbnq-5kfz-pbez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102800?format=json","vulnerability_id":"VCID-qk9k-56ak-b7cm","summary":"In LibTIFF 4.0.8, there is a memory leak in tif_jbig.c. A crafted TIFF document can lead to a memory leak resulting in a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9936.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9936.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9936","reference_id":"","reference_type":"","scores":[{"value":"0.05227","scoring_system":"epss","scoring_elements":"0.90123","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10688","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10688"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9936"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1469728","reference_id":"1469728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1469728"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866113","reference_id":"866113","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866113"},{"reference_url":"http://bugzilla.maptools.org/show_bug.cgi?id=2706","reference_id":"CVE-2017-9936","reference_type":"exploit","scores":[],"url":"http://bugzilla.maptools.org/show_bug.cgi?id=2706"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42300.txt","reference_id":"CVE-2017-9936","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42300.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132310?format=json","purl":"pkg:deb/debian/tiff@4.0.8-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-9936"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qk9k-56ak-b7cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4924?format=json","vulnerability_id":"VCID-r2hy-dcn6-kfb8","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0908.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0908.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0908","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.1379","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/a95b799f65064e4ba2e2dfc206808f86faf93e85"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/383","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/383"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064145","reference_id":"2064145","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064145"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0908","reference_id":"CVE-2022-0908","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0908"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json","reference_id":"CVE-2022-0908.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0908.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7585","reference_id":"RHSA-2022:7585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132398?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132400?format=json","purl":"pkg:deb/debian/tiff@4.3.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-0908"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r2hy-dcn6-kfb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102778?format=json","vulnerability_id":"VCID-r3kv-sfxj-7bgv","summary":"There is a reachable assertion abort in the function TIFFWriteDirectoryTagSubifd() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13727.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13727.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13727","reference_id":"","reference_type":"","scores":[{"value":"0.00636","scoring_system":"epss","scoring_elements":"0.70804","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13727"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488887","reference_id":"1488887","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488887"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873879","reference_id":"873879","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873879"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132324?format=json","purl":"pkg:deb/debian/tiff@4.0.8-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-13727"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r3kv-sfxj-7bgv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4749?format=json","vulnerability_id":"VCID-r6sa-34pz-cugr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3620.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3620.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3620","reference_id":"","reference_type":"","scores":[{"value":"0.0101","scoring_system":"epss","scoring_elements":"0.7744","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3620"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1316859","reference_id":"1316859","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1316859"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820363","reference_id":"820363","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820363"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3620"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r6sa-34pz-cugr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4747?format=json","vulnerability_id":"VCID-rarp-cytw-9yfq","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3622.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3622","reference_id":"","reference_type":"","scores":[{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76137","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1324823","reference_id":"1324823","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1324823"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820365","reference_id":"820365","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820365"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3622"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rarp-cytw-9yfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44440?format=json","vulnerability_id":"VCID-rben-hn5u-kqdh","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3400, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0798.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0798","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02067","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0798"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/492","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/492"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170157","reference_id":"2170157","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170157"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0798","reference_id":"CVE-2023-0798","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0798"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0798.json","reference_id":"CVE-2023-0798.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0798.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0798"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rben-hn5u-kqdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102681?format=json","vulnerability_id":"VCID-rvg9-bqhf-r3fg","summary":"Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0886.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0886.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0886","reference_id":"","reference_type":"","scores":[{"value":"0.10989","scoring_system":"epss","scoring_elements":"0.93563","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0886"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617314","reference_id":"1617314","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:577","reference_id":"RHSA-2004:577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:577"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:021","reference_id":"RHSA-2005:021","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:021"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:354","reference_id":"RHSA-2005:354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:354"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132044?format=json","purl":"pkg:deb/debian/tiff@3.6.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.6.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2004-0886"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rvg9-bqhf-r3fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3159?format=json","vulnerability_id":"VCID-ryah-d2mj-vkha","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3599.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3599","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11849","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3599"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555","reference_id":"1022555","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142740","reference_id":"2142740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142740"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132409?format=json","purl":"pkg:deb/debian/tiff@4.4.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-3599"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ryah-d2mj-vkha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4758?format=json","vulnerability_id":"VCID-sccn-urtk-gbb6","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2596.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2596.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2596","reference_id":"","reference_type":"","scores":[{"value":"0.00999","scoring_system":"epss","scoring_elements":"0.77329","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2596"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=610759","reference_id":"610759","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=610759"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0222","reference_id":"RHSA-2014:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0222"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132101?format=json","purl":"pkg:deb/debian/tiff@4.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2596"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sccn-urtk-gbb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4722?format=json","vulnerability_id":"VCID-scuk-jnxs-sbfu","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6223.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6223.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6223","reference_id":"","reference_type":"","scores":[{"value":"0.01239","scoring_system":"epss","scoring_elements":"0.79573","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1356867","reference_id":"1356867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1356867"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842270","reference_id":"842270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842270"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132250?format=json","purl":"pkg:deb/debian/tiff@4.0.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-6223"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scuk-jnxs-sbfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102738?format=json","vulnerability_id":"VCID-sdda-nfpd-wkeq","summary":"Multiple integer overflows in tiff2pdf in libtiff before 4.0.2 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2113.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2113.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2113","reference_id":"","reference_type":"","scores":[{"value":"0.0117","scoring_system":"epss","scoring_elements":"0.79003","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2113"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678140","reference_id":"678140","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=810551","reference_id":"810551","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=810551"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1054","reference_id":"RHSA-2012:1054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1054"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132133?format=json","purl":"pkg:deb/debian/tiff@4.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2012-2113"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdda-nfpd-wkeq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102774?format=json","vulnerability_id":"VCID-sfff-qfwq-gqhh","summary":"In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10688.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10688.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10688","reference_id":"","reference_type":"","scores":[{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88277","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-10688"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470241","reference_id":"1470241","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1470241"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866611","reference_id":"866611","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866611"},{"reference_url":"http://bugzilla.maptools.org/show_bug.cgi?id=2712","reference_id":"CVE-2017-10688","reference_type":"exploit","scores":[],"url":"http://bugzilla.maptools.org/show_bug.cgi?id=2712"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42299.txt","reference_id":"CVE-2017-10688","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42299.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132310?format=json","purl":"pkg:deb/debian/tiff@4.0.8-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-10688"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sfff-qfwq-gqhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102715?format=json","vulnerability_id":"VCID-sszm-sw4b-sufy","summary":"Heap-based buffer overflow in tif_ojpeg.c in the OJPEG decoder in LibTIFF before 3.9.5 allows remote attackers to execute arbitrary code via a crafted TIFF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-5022.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-5022.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-5022","reference_id":"","reference_type":"","scores":[{"value":"0.16555","scoring_system":"epss","scoring_elements":"0.95032","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-5022"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624287","reference_id":"624287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624287"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=695885","reference_id":"695885","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=695885"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/22681.txt","reference_id":"CVE-2009-5022;OSVDB-72260","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/22681.txt"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0452","reference_id":"RHSA-2011:0452","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0452"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132079?format=json","purl":"pkg:deb/debian/tiff@3.9.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2009-5022"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sszm-sw4b-sufy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102813?format=json","vulnerability_id":"VCID-t2x6-ux5m-aqgg","summary":"The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, a similar issue to CVE-2017-9935.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17795.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17795.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17795","reference_id":"","reference_type":"","scores":[{"value":"0.01525","scoring_system":"epss","scoring_elements":"0.81608","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17795"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1635091","reference_id":"1635091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1635091"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132367?format=json","purl":"pkg:deb/debian/tiff@4.0.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17795"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t2x6-ux5m-aqgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102819?format=json","vulnerability_id":"VCID-t53k-td6e-v7av","summary":"There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18768.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18768.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18768","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09525","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18768"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235458","reference_id":"2235458","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132394?format=json","purl":"pkg:deb/debian/tiff@4.0.10%2Bgit190814-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10%252Bgit190814-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2020-18768"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t53k-td6e-v7av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102764?format=json","vulnerability_id":"VCID-t75t-ga23-9kf3","summary":"Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10094.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10094.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10094","reference_id":"","reference_type":"","scores":[{"value":"0.008","scoring_system":"epss","scoring_elements":"0.74398","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10094"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410119","reference_id":"1410119","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410119"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132205?format=json","purl":"pkg:deb/debian/tiff@4.0.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10094"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t75t-ga23-9kf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102708?format=json","vulnerability_id":"VCID-t8jy-sjyh-rya3","summary":"Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3462.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3462.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3462","reference_id":"","reference_type":"","scores":[{"value":"0.01873","scoring_system":"epss","scoring_elements":"0.83463","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3462"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111","reference_id":"199111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111"},{"reference_url":"https://security.gentoo.org/glsa/200608-07","reference_id":"GLSA-200608-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0603","reference_id":"RHSA-2006:0603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132060?format=json","purl":"pkg:deb/debian/tiff@3.8.2-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-3462"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t8jy-sjyh-rya3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4721?format=json","vulnerability_id":"VCID-tht3-q94h-yya1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9273.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9273.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9273","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65584","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395164","reference_id":"1395164","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395164"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844013","reference_id":"844013","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844013"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9273"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tht3-q94h-yya1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102771?format=json","vulnerability_id":"VCID-tqy8-1kes-m3ek","summary":"LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to \"WRITE of size 2048\" and libtiff/tif_next.c:64:9.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10272.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10272.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10272","reference_id":"","reference_type":"","scores":[{"value":"0.00487","scoring_system":"epss","scoring_elements":"0.65752","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10272"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438458","reference_id":"1438458","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438458"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132201?format=json","purl":"pkg:deb/debian/tiff@4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10272"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqy8-1kes-m3ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45518?format=json","vulnerability_id":"VCID-trbp-mf1m-6kbm","summary":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')\nlibtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in tiffcrop cause heap-buffer-overflow and SEGV.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25433.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25433.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25433","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08155","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-25433"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/520","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/520"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/467","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/467"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218744","reference_id":"2218744","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218744"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25433","reference_id":"CVE-2023-25433","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-25433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:5079","reference_id":"RHSA-2024:5079","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:5079"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132423?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132422?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132424?format=json","purl":"pkg:deb/debian/tiff@4.5.1~rc3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1~rc3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-25433"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-trbp-mf1m-6kbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102810?format=json","vulnerability_id":"VCID-tsw3-kjqm-kqeu","summary":"A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17000.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17000","reference_id":"","reference_type":"","scores":[{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.79303","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17000"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1630004","reference_id":"1630004","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1630004"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908778","reference_id":"908778","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908778"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132376?format=json","purl":"pkg:deb/debian/tiff@4.0.10-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17000"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tsw3-kjqm-kqeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102811?format=json","vulnerability_id":"VCID-tu3t-rdy1-eqa7","summary":"An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17100.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17100.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17100","reference_id":"","reference_type":"","scores":[{"value":"0.00302","scoring_system":"epss","scoring_elements":"0.53766","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17100"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631069","reference_id":"1631069","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631069"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909038","reference_id":"909038","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132379?format=json","purl":"pkg:deb/debian/tiff@4.0.9%2Bgit181026-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9%252Bgit181026-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-17100"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tu3t-rdy1-eqa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64517?format=json","vulnerability_id":"VCID-tx52-6u1t-77cm","summary":"libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4775.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4775.json"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132632","reference_id":"1132632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450768","reference_id":"2450768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2450768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12265","reference_id":"RHSA-2026:12265","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12265"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:12271","reference_id":"RHSA-2026:12271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:12271"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:14929","reference_id":"RHSA-2026:14929","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:14929"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:16055","reference_id":"RHSA-2026:16055","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:16055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19150","reference_id":"RHSA-2026:19150","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19150"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19363","reference_id":"RHSA-2026:19363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19585","reference_id":"RHSA-2026:19585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19586","reference_id":"RHSA-2026:19586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19604","reference_id":"RHSA-2026:19604","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19604"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19608","reference_id":"RHSA-2026:19608","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19608"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19609","reference_id":"RHSA-2026:19609","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19609"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19657","reference_id":"RHSA-2026:19657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19659","reference_id":"RHSA-2026:19659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19659"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19702","reference_id":"RHSA-2026:19702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20583","reference_id":"RHSA-2026:20583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20585","reference_id":"RHSA-2026:20585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20591","reference_id":"RHSA-2026:20591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:20592","reference_id":"RHSA-2026:20592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:20592"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132444?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2026-4775"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tx52-6u1t-77cm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44443?format=json","vulnerability_id":"VCID-tynz-dfpk-6kgb","summary":"Out-of-bounds Write\nLibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0803.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0803.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0803","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07847","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0803"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/33aee1275d9d1384791d2206776eb8152d397f00"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/501","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/501"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170187","reference_id":"2170187","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170187"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0803","reference_id":"CVE-2023-0803","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0803"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0803.json","reference_id":"CVE-2023-0803.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0803.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5353","reference_id":"RHSA-2023:5353","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5353"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0803"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tynz-dfpk-6kgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102732?format=json","vulnerability_id":"VCID-u5fp-p76p-qqd7","summary":"Buffer overflow in LibTIFF 3.9.4 and possibly other versions, as used in ImageIO in Apple iTunes before 10.2 on Windows and other products, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF image with JPEG encoding.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0191.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0191.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0191","reference_id":"","reference_type":"","scores":[{"value":"0.15086","scoring_system":"epss","scoring_elements":"0.94709","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0191"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=678956","reference_id":"678956","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=678956"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132081?format=json","purl":"pkg:deb/debian/tiff@3.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2011-0191"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u5fp-p76p-qqd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102736?format=json","vulnerability_id":"VCID-u6j2-a2em-u3dv","summary":"Multiple integer overflows in tiff_getimage.c in LibTIFF 3.9.4 allow remote attackers to execute arbitrary code via a crafted tile size in a TIFF file, which is not properly handled by the (1) gtTileSeparate or (2) gtStripSeparate function, leading to a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1173.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1173.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1173","reference_id":"","reference_type":"","scores":[{"value":"0.06846","scoring_system":"epss","scoring_elements":"0.91514","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1173"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=803078","reference_id":"803078","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=803078"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0468","reference_id":"RHSA-2012:0468","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0468"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132127?format=json","purl":"pkg:deb/debian/tiff@4.0.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2012-1173"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u6j2-a2em-u3dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102799?format=json","vulnerability_id":"VCID-ufhw-4wuz-cfe2","summary":"In LibTIFF 4.0.7, the TIFFReadDirEntryLong8Array function in libtiff/tif_dirread.c mishandles a malloc operation, which allows attackers to cause a denial of service (memory leak within the function _TIFFmalloc in tif_unix.c) via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9815.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9815.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9815","reference_id":"","reference_type":"","scores":[{"value":"0.00467","scoring_system":"epss","scoring_elements":"0.64766","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9815"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1464449","reference_id":"1464449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1464449"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132361?format=json","purl":"pkg:deb/debian/tiff@4.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-9815"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ufhw-4wuz-cfe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4925?format=json","vulnerability_id":"VCID-ugr8-526g-5uhc","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0907.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0907.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0907","reference_id":"","reference_type":"","scores":[{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42935","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/392","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/392"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/314","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/314"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064143","reference_id":"2064143","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064143"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0907","reference_id":"CVE-2022-0907","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0907"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json","reference_id":"CVE-2022-0907.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0907.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132398?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132400?format=json","purl":"pkg:deb/debian/tiff@4.3.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-0907"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugr8-526g-5uhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4738?format=json","vulnerability_id":"VCID-um8a-bvjq-abgy","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3945.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3945","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36328","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325093","reference_id":"1325093","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325093"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3945"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-um8a-bvjq-abgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102706?format=json","vulnerability_id":"VCID-up7j-sscy-q3e3","summary":"Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3460.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3460.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3460","reference_id":"","reference_type":"","scores":[{"value":"0.00835","scoring_system":"epss","scoring_elements":"0.74989","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3460"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111","reference_id":"199111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111"},{"reference_url":"https://security.gentoo.org/glsa/200608-07","reference_id":"GLSA-200608-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0603","reference_id":"RHSA-2006:0603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132060?format=json","purl":"pkg:deb/debian/tiff@3.8.2-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-3460"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-up7j-sscy-q3e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6221?format=json","vulnerability_id":"VCID-uran-x628-rffb","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10779.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10779.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10779","reference_id":"","reference_type":"","scores":[{"value":"0.00509","scoring_system":"epss","scoring_elements":"0.66719","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10779"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10779","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10779"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1577311","reference_id":"1577311","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1577311"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898359","reference_id":"898359","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898359"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"},{"reference_url":"https://security.archlinux.org/AVG-816","reference_id":"AVG-816","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-10779"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uran-x628-rffb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4724?format=json","vulnerability_id":"VCID-uscn-2nfg-mqay","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5652.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5652.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5652","reference_id":"","reference_type":"","scores":[{"value":"0.03829","scoring_system":"epss","scoring_elements":"0.88351","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389222","reference_id":"1389222","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1389222"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842361","reference_id":"842361","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842361"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5652"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uscn-2nfg-mqay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45436?format=json","vulnerability_id":"VCID-utc5-s51e-wygd","summary":"NULL Pointer Dereference\nA NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3316.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3316.json"},{"reference_url":"https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/","reference_id":"","reference_type":"","scores":[],"url":"https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216080","reference_id":"2216080","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2216080"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3316","reference_id":"CVE-2023-3316","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-3316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6575","reference_id":"RHSA-2023:6575","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6575"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132423?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-3316"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-utc5-s51e-wygd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102788?format=json","vulnerability_id":"VCID-vaas-sjrq-8bch","summary":"LibTIFF 4.0.7 has an \"outside the range of representable values of type float\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7596.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7596.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7596","reference_id":"","reference_type":"","scores":[{"value":"0.0021","scoring_system":"epss","scoring_elements":"0.43368","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7596"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441250","reference_id":"1441250","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441250"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7596"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vaas-sjrq-8bch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102784?format=json","vulnerability_id":"VCID-vpcf-pnzv-1bgy","summary":"The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7592.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7592.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7592","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42095","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7592"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441240","reference_id":"1441240","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441240"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859998","reference_id":"859998","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=859998"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7592"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpcf-pnzv-1bgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102737?format=json","vulnerability_id":"VCID-vpnh-b4rq-wqhy","summary":"Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2088.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2088.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2088","reference_id":"","reference_type":"","scores":[{"value":"0.02978","scoring_system":"epss","scoring_elements":"0.86777","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2088"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678140","reference_id":"678140","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=832864","reference_id":"832864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=832864"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1054","reference_id":"RHSA-2012:1054","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1054"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132130?format=json","purl":"pkg:deb/debian/tiff@4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2012-2088"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vpnh-b4rq-wqhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102704?format=json","vulnerability_id":"VCID-vxvp-9jaw-4ka8","summary":"Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3459.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3459.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3459","reference_id":"","reference_type":"","scores":[{"value":"0.687","scoring_system":"epss","scoring_elements":"0.98637","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3459"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111","reference_id":"199111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16862.rb","reference_id":"CVE-2006-3459;OSVDB-27723","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16862.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16868.rb","reference_id":"CVE-2006-3459;OSVDB-27723","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16868.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16869.rb","reference_id":"CVE-2006-3459;OSVDB-27723","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16869.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ios/remote/21868.rb","reference_id":"CVE-2010-0188;OSVDB-27723;CVE-2006-3459","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ios/remote/21868.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ios/remote/21869.rb","reference_id":"CVE-2010-0188;OSVDB-27723;CVE-2006-3459","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ios/remote/21869.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/11787.py","reference_id":"CVE-2010-0188;OSVDB-62526;CVE-2006-3459;OSVDB-27723","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/11787.py"},{"reference_url":"https://security.gentoo.org/glsa/200608-07","reference_id":"GLSA-200608-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0603","reference_id":"RHSA-2006:0603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132060?format=json","purl":"pkg:deb/debian/tiff@3.8.2-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-3459"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vxvp-9jaw-4ka8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3160?format=json","vulnerability_id":"VCID-vzty-mrqp-nbam","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3597.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3597.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3597","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08573","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3597"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555","reference_id":"1022555","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142736","reference_id":"2142736","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142736"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132409?format=json","purl":"pkg:deb/debian/tiff@4.4.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-3597"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vzty-mrqp-nbam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4719?format=json","vulnerability_id":"VCID-w79s-bv7d-s7hf","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9448.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9448.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9448","reference_id":"","reference_type":"","scores":[{"value":"0.03306","scoring_system":"epss","scoring_elements":"0.87464","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9448"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397734","reference_id":"1397734","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397734"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132115?format=json","purl":"pkg:deb/debian/tiff@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9448"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w79s-bv7d-s7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102787?format=json","vulnerability_id":"VCID-wbht-h92n-dkdu","summary":"The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7595.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7595.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7595","reference_id":"","reference_type":"","scores":[{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.48913","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7595"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441248","reference_id":"1441248","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441248"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860003","reference_id":"860003","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860003"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7595"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wbht-h92n-dkdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4707?format=json","vulnerability_id":"VCID-wbmf-tw8n-1ucj","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10095.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10095.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10095","reference_id":"","reference_type":"","scores":[{"value":"0.00732","scoring_system":"epss","scoring_elements":"0.73079","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10095"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410063","reference_id":"1410063","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410063"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850316","reference_id":"850316","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850316"},{"reference_url":"https://security.archlinux.org/ASA-201707-17","reference_id":"ASA-201707-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-17"},{"reference_url":"https://security.archlinux.org/ASA-201707-18","reference_id":"ASA-201707-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201707-18"},{"reference_url":"https://security.archlinux.org/AVG-5","reference_id":"AVG-5","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-5"},{"reference_url":"https://security.archlinux.org/AVG-87","reference_id":"AVG-87","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-87"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132208?format=json","purl":"pkg:deb/debian/tiff@4.0.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10095"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wbmf-tw8n-1ucj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102770?format=json","vulnerability_id":"VCID-wbqh-dpwk-pfgd","summary":"tools/tiffcrop.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (heap-based buffer over-read and buffer overflow) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 1\" and libtiff/tif_fax3.c:413:13.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10271.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10271.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10271","reference_id":"","reference_type":"","scores":[{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62226","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10271"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438453","reference_id":"1438453","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438453"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132201?format=json","purl":"pkg:deb/debian/tiff@4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10271"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wbqh-dpwk-pfgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102702?format=json","vulnerability_id":"VCID-wh8u-9rpb-f7dr","summary":"Stack-based buffer overflow in the tiffsplit command in libtiff 3.8.2 and earlier might might allow attackers to execute arbitrary code via a long filename.  NOTE: tiffsplit is not setuid.  If there is not a common scenario under which tiffsplit is called with attacker-controlled command line arguments, then perhaps this issue should not be included in CVE.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2656.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2656.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2656","reference_id":"","reference_type":"","scores":[{"value":"0.15208","scoring_system":"epss","scoring_elements":"0.94732","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2656"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=193166","reference_id":"193166","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=193166"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369819","reference_id":"369819","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=369819"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/1831.txt","reference_id":"OSVDB-26030;CVE-2006-2656","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/1831.txt"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0603","reference_id":"RHSA-2006:0603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0603"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132059?format=json","purl":"pkg:deb/debian/tiff@3.8.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-2656"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wh8u-9rpb-f7dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102783?format=json","vulnerability_id":"VCID-wvp7-k93h-6ubw","summary":"LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5563.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5563.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5563","reference_id":"","reference_type":"","scores":[{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58027","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5563"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416109","reference_id":"1416109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416109"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-5563"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wvp7-k93h-6ubw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4922?format=json","vulnerability_id":"VCID-wxte-z2qm-xues","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0924.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0924.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0924","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21688","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0924"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22844"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/278","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/278"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/311","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/311"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064148","reference_id":"2064148","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2064148"},{"reference_url":"https://security.archlinux.org/ASA-202204-6","reference_id":"ASA-202204-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202204-6"},{"reference_url":"https://security.archlinux.org/AVG-2658","reference_id":"AVG-2658","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2658"},{"reference_url":"https://security.archlinux.org/AVG-2659","reference_id":"AVG-2659","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2659"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0924","reference_id":"CVE-2022-0924","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0924"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json","reference_id":"CVE-2022-0924.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0924.json"},{"reference_url":"https://security.gentoo.org/glsa/202210-10","reference_id":"GLSA-202210-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7585","reference_id":"RHSA-2022:7585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8194","reference_id":"RHSA-2022:8194","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8194"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132398?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132400?format=json","purl":"pkg:deb/debian/tiff@4.3.0-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.3.0-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-0924"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxte-z2qm-xues"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6208?format=json","vulnerability_id":"VCID-wyae-x32v-ckb8","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18013.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18013.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18013","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51981","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13726","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13726"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13727","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13727"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1530440","reference_id":"1530440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1530440"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885985","reference_id":"885985","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885985"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"},{"reference_url":"https://security.archlinux.org/AVG-813","reference_id":"AVG-813","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-813"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132332?format=json","purl":"pkg:deb/debian/tiff@4.0.9-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-18013"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wyae-x32v-ckb8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102777?format=json","vulnerability_id":"VCID-x3j5-e33g-fqea","summary":"There is a reachable assertion abort in the function TIFFWriteDirectorySec() in LibTIFF 4.0.8, related to tif_dirwrite.c and a SubIFD tag. A crafted input will lead to a remote denial of service attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13726.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-13726.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13726","reference_id":"","reference_type":"","scores":[{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70927","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13726"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488886","reference_id":"1488886","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488886"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873880","reference_id":"873880","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873880"},{"reference_url":"https://security.archlinux.org/AVG-814","reference_id":"AVG-814","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-814"},{"reference_url":"https://security.archlinux.org/AVG-815","reference_id":"AVG-815","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-815"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132324?format=json","purl":"pkg:deb/debian/tiff@4.0.8-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-13726"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x3j5-e33g-fqea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102761?format=json","vulnerability_id":"VCID-x4td-c35s-tkgw","summary":"Integer overflow in tools/bmp2tiff.c in LibTIFF before 4.0.4 allows remote attackers to cause a denial of service (heap-based buffer over-read), or possibly obtain sensitive information from process memory, via crafted width and length values in RLE4 or RLE8 data in a BMP file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8870.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8870.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8870","reference_id":"","reference_type":"","scores":[{"value":"0.00741","scoring_system":"epss","scoring_elements":"0.73329","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8870"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402778","reference_id":"1402778","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132173?format=json","purl":"pkg:deb/debian/tiff@4.0.3-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-8870"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x4td-c35s-tkgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102557?format=json","vulnerability_id":"VCID-x5kg-eg4a-7bdc","summary":"libtiff: out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3598.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3598.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3598","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12849","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3598"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555","reference_id":"1022555","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022555"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142738","reference_id":"2142738","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2340","reference_id":"RHSA-2023:2340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132409?format=json","purl":"pkg:deb/debian/tiff@4.4.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-3598"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x5kg-eg4a-7bdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6222?format=json","vulnerability_id":"VCID-xstr-45ms-4qe6","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9935.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9935","reference_id":"","reference_type":"","scores":[{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65691","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13726","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13726"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13727","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13727"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1469725","reference_id":"1469725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1469725"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866109","reference_id":"866109","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866109"},{"reference_url":"https://security.archlinux.org/ASA-201811-17","reference_id":"ASA-201811-17","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-17"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-790","reference_id":"AVG-790","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-790"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132367?format=json","purl":"pkg:deb/debian/tiff@4.0.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-9935"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xstr-45ms-4qe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102776?format=json","vulnerability_id":"VCID-xtt1-8er5-y7dh","summary":"The TIFFReadDirEntryArray function in tif_read.c in LibTIFF 4.0.8 mishandles memory allocation for short files, which allows remote attackers to cause a denial of service (allocation failure and application crash) in the TIFFFetchStripThing function in tif_dirread.c during a tiff2pdf invocation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12944.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12944.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12944","reference_id":"","reference_type":"","scores":[{"value":"0.0074","scoring_system":"epss","scoring_elements":"0.73288","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12944"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487202","reference_id":"1487202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1487202"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872607","reference_id":"872607","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=872607"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132321?format=json","purl":"pkg:deb/debian/tiff@4.0.8-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-12944"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xtt1-8er5-y7dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102720?format=json","vulnerability_id":"VCID-y111-7xx7-k7bm","summary":"The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an OJPEG image with undefined strip offsets, related to the TIFFVGetField function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2443.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2443.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2443","reference_id":"","reference_type":"","scores":[{"value":"0.02674","scoring_system":"epss","scoring_elements":"0.86105","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2443"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=608010","reference_id":"608010","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=608010"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132081?format=json","purl":"pkg:deb/debian/tiff@3.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2443"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y111-7xx7-k7bm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102793?format=json","vulnerability_id":"VCID-y1ub-vfy9-7ygt","summary":"LibTIFF 4.0.7 has a \"shift exponent too large for 64-bit type long\" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7601.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7601.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7601","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52104","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7601"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441261","reference_id":"1441261","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1441261"},{"reference_url":"https://security.archlinux.org/ASA-201704-10","reference_id":"ASA-201704-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201704-10"},{"reference_url":"https://security.archlinux.org/AVG-237","reference_id":"AVG-237","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-237"},{"reference_url":"https://security.archlinux.org/AVG-817","reference_id":"AVG-817","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-817"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132340?format=json","purl":"pkg:deb/debian/tiff@4.0.7-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-7601"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y1ub-vfy9-7ygt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45513?format=json","vulnerability_id":"VCID-y3yu-p8ng-buhc","summary":"Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')\nlibtiff 4.5.0 is vulnerable to Buffer Overflow in uv_encode() when libtiff reads a corrupted little-endian TIFF file and specifies the output to be big-endian.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26966.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26966.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26966","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08895","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26966"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/530","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/530"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/473","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/473"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218749","reference_id":"2218749","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2218749"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-26966","reference_id":"CVE-2023-26966","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-26966"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6575","reference_id":"RHSA-2023:6575","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6575"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132423?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132422?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132424?format=json","purl":"pkg:deb/debian/tiff@4.5.1~rc3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.1~rc3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-26966"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3yu-p8ng-buhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102797?format=json","vulnerability_id":"VCID-y6s6-ubu5-dbad","summary":"In LibTIFF 4.0.7, a memory leak vulnerability was found in the function TIFFReadDirEntryLong8Array in tif_dirread.c, which allows attackers to cause a denial of service via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9403.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9403.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9403","reference_id":"","reference_type":"","scores":[{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66827","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9403"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458902","reference_id":"1458902","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1458902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132361?format=json","purl":"pkg:deb/debian/tiff@4.0.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-9403"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y6s6-ubu5-dbad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102755?format=json","vulnerability_id":"VCID-ybp6-nrjt-7bdk","summary":"The (1) putcontig8bitYCbCr21tile function in tif_getimage.c or (2) NeXTDecode function in tif_next.c in LibTIFF allows remote attackers to cause a denial of service (uninitialized memory access) via a crafted TIFF image, as demonstrated by libtiff-cvs-1.tif and libtiff-cvs-2.tif.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9655.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9655.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9655","reference_id":"","reference_type":"","scores":[{"value":"0.01105","scoring_system":"epss","scoring_elements":"0.78433","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190703","reference_id":"1190703","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190703"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777390","reference_id":"777390","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132168?format=json","purl":"pkg:deb/debian/tiff@4.0.3-12.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-12.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2014-9655"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ybp6-nrjt-7bdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3162?format=json","vulnerability_id":"VCID-yekv-pd53-nfgw","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34526.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-34526.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34526","reference_id":"","reference_type":"","scores":[{"value":"0.00171","scoring_system":"epss","scoring_elements":"0.38055","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-34526"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112756","reference_id":"2112756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2112756"},{"reference_url":"https://security.archlinux.org/AVG-2842","reference_id":"AVG-2842","reference_type":"","scores":[{"value":"Unknown","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2842"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132403?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132408?format=json","purl":"pkg:deb/debian/tiff@4.4.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2022-34526"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yekv-pd53-nfgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44434?format=json","vulnerability_id":"VCID-yfgk-2pdu-w3gc","summary":"Out-of-bounds Read\nLibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3592, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0796.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0796.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0796","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02067","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0796"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/commit/afaabc3e50d4e5d80a94143f7e3c997e7e410f68"},{"reference_url":"https://gitlab.com/libtiff/libtiff/-/issues/499","reference_id":"","reference_type":"","scores":[],"url":"https://gitlab.com/libtiff/libtiff/-/issues/499"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632","reference_id":"1031632","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031632"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170146","reference_id":"2170146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2170146"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0796","reference_id":"CVE-2023-0796","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0796"},{"reference_url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0796.json","reference_id":"CVE-2023-0796.JSON","reference_type":"","scores":[],"url":"https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0796.json"},{"reference_url":"https://security.gentoo.org/glsa/202305-31","reference_id":"GLSA-202305-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3711","reference_id":"RHSA-2023:3711","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3711"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132414?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132413?format=json","purl":"pkg:deb/debian/tiff@4.5.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2023-0796"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfgk-2pdu-w3gc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102707?format=json","vulnerability_id":"VCID-yhcx-mmhn-83em","summary":"Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3461.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3461.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3461","reference_id":"","reference_type":"","scores":[{"value":"0.0369","scoring_system":"epss","scoring_elements":"0.88144","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111","reference_id":"199111","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=199111"},{"reference_url":"https://security.gentoo.org/glsa/200608-07","reference_id":"GLSA-200608-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200608-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0603","reference_id":"RHSA-2006:0603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0648","reference_id":"RHSA-2006:0648","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0648"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132060?format=json","purl":"pkg:deb/debian/tiff@3.8.2-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.8.2-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2006-3461"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yhcx-mmhn-83em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102750?format=json","vulnerability_id":"VCID-yjke-vqxv-8bgu","summary":"The LZW decompressor in the gif2tiff tool in libtiff 4.0.3 and earlier allows context-dependent attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a crafted GIF image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4244.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4244.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4244","reference_id":"","reference_type":"","scores":[{"value":"0.0065","scoring_system":"epss","scoring_elements":"0.71212","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4244"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4244"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=996468","reference_id":"996468","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=996468"},{"reference_url":"https://security.gentoo.org/glsa/201402-21","reference_id":"GLSA-201402-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0222","reference_id":"RHSA-2014:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0223","reference_id":"RHSA-2014:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132159?format=json","purl":"pkg:deb/debian/tiff@4.0.3-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2013-4244"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yjke-vqxv-8bgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102716?format=json","vulnerability_id":"VCID-yq53-171e-nye4","summary":"Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTIFF before 3.9.3, as used in ImageIO in Apple Mac OS X 10.5.8 and Mac OS X 10.6 before 10.6.4, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted TIFF file that triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1411.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1411.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1411","reference_id":"","reference_type":"","scores":[{"value":"0.00745","scoring_system":"epss","scoring_elements":"0.73403","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1411"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=592361","reference_id":"592361","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=592361"},{"reference_url":"https://security.gentoo.org/glsa/201209-02","reference_id":"GLSA-201209-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0519","reference_id":"RHSA-2010:0519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0520","reference_id":"RHSA-2010:0520","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0520"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132081?format=json","purl":"pkg:deb/debian/tiff@3.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2010-1411"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yq53-171e-nye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102766?format=json","vulnerability_id":"VCID-yv81-wmmc-hqgx","summary":"LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10267.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10267.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10267","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44674","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10267"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438449","reference_id":"1438449","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438449"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132201?format=json","purl":"pkg:deb/debian/tiff@4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10267"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yv81-wmmc-hqgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4731?format=json","vulnerability_id":"VCID-z3mf-7y22-q7bz","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5317.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5317.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5317","reference_id":"","reference_type":"","scores":[{"value":"0.00518","scoring_system":"epss","scoring_elements":"0.67082","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346689","reference_id":"1346689","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346689"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830700","reference_id":"830700","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=830700"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132250?format=json","purl":"pkg:deb/debian/tiff@4.0.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5317"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z3mf-7y22-q7bz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4725?format=json","vulnerability_id":"VCID-z677-7ega-8khj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5323.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5323.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5323","reference_id":"","reference_type":"","scores":[{"value":"0.00665","scoring_system":"epss","scoring_elements":"0.71598","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346696","reference_id":"1346696","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346696"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132250?format=json","purl":"pkg:deb/debian/tiff@4.0.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5323"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z677-7ega-8khj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102796?format=json","vulnerability_id":"VCID-z6je-fvue-jbg8","summary":"LibTIFF 4.0.7 has an invalid read in the _TIFFVGetField function in tif_dir.c, which might allow remote attackers to cause a denial of service (crash) via a crafted TIFF file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9147.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9147.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9147","reference_id":"","reference_type":"","scores":[{"value":"0.02824","scoring_system":"epss","scoring_elements":"0.86434","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9147"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1454655","reference_id":"1454655","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1454655"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863185","reference_id":"863185","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863185"},{"reference_url":"http://bugzilla.maptools.org/show_bug.cgi?id=2693","reference_id":"CVE-2017-9147","reference_type":"exploit","scores":[],"url":"http://bugzilla.maptools.org/show_bug.cgi?id=2693"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42301.txt","reference_id":"CVE-2017-9147","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42301.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132208?format=json","purl":"pkg:deb/debian/tiff@4.0.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.8-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-9147"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6je-fvue-jbg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4712?format=json","vulnerability_id":"VCID-z6yx-cgpy-cqax","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9537.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9537.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9537","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62059","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397760","reference_id":"1397760","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397760"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9537"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6yx-cgpy-cqax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102689?format=json","vulnerability_id":"VCID-ze5z-dppj-f7gy","summary":"Stack-based buffer overflow in libTIFF before 3.7.2 allows remote attackers to execute arbitrary code via a TIFF file with a malformed BitsPerSample tag.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1544.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1544.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1544","reference_id":"","reference_type":"","scores":[{"value":"0.15653","scoring_system":"epss","scoring_elements":"0.94826","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1544"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=309739","reference_id":"309739","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=309739"},{"reference_url":"https://security.gentoo.org/glsa/200505-07","reference_id":"GLSA-200505-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200505-07"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/1554.c","reference_id":"OSVDB-23782;CVE-2005-1544;OSVDB-16350","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/1554.c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132054?format=json","purl":"pkg:deb/debian/tiff@3.7.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@3.7.2-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2005-1544"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ze5z-dppj-f7gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4739?format=json","vulnerability_id":"VCID-zhm8-29qs-jufd","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3658.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3658.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3658","reference_id":"","reference_type":"","scores":[{"value":"0.00898","scoring_system":"epss","scoring_elements":"0.76023","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326257","reference_id":"1326257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326257"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3658"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhm8-29qs-jufd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102740?format=json","vulnerability_id":"VCID-zjd6-e89g-2ygc","summary":"Heap-based buffer overflow in tif_pixarlog.c in LibTIFF before 4.0.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF image using the PixarLog Compression format.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4447.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-4447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4447","reference_id":"","reference_type":"","scores":[{"value":"0.01189","scoring_system":"epss","scoring_elements":"0.79161","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-4447"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688944","reference_id":"688944","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688944"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=860198","reference_id":"860198","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=860198"},{"reference_url":"https://security.gentoo.org/glsa/201402-21","reference_id":"GLSA-201402-21","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-21"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1590","reference_id":"RHSA-2012:1590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1590"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132138?format=json","purl":"pkg:deb/debian/tiff@4.0.2-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.2-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2012-4447"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjd6-e89g-2ygc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102762?format=json","vulnerability_id":"VCID-zjvv-t6ep-mkcf","summary":"Heap-based buffer overflow in the readContigStripsIntoBuffer function in tif_unix.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10092.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10092.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10092","reference_id":"","reference_type":"","scores":[{"value":"0.02323","scoring_system":"epss","scoring_elements":"0.85099","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10092"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410067","reference_id":"1410067","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410067"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132201?format=json","purl":"pkg:deb/debian/tiff@4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10092"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjvv-t6ep-mkcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102818?format=json","vulnerability_id":"VCID-zm7g-5yf7-tyc6","summary":"An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7663.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7663.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7663","reference_id":"","reference_type":"","scores":[{"value":"0.00547","scoring_system":"epss","scoring_elements":"0.68194","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7663"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677528","reference_id":"1677528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677528"},{"reference_url":"https://security.archlinux.org/ASA-201911-13","reference_id":"ASA-201911-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201911-13"},{"reference_url":"https://security.archlinux.org/AVG-886","reference_id":"AVG-886","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-886"},{"reference_url":"https://security.gentoo.org/glsa/202003-25","reference_id":"GLSA-202003-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-25"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132376?format=json","purl":"pkg:deb/debian/tiff@4.0.10-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.10-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2019-7663"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zm7g-5yf7-tyc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102749?format=json","vulnerability_id":"VCID-zmv8-tbdx-7bce","summary":"Heap-based buffer overflow in the readgifimage function in the gif2tiff tool in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted height and width values in a GIF image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4243.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4243.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4243","reference_id":"","reference_type":"","scores":[{"value":"0.18712","scoring_system":"epss","scoring_elements":"0.95407","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4243"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4243"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742917","reference_id":"742917","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742917"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=996052","reference_id":"996052","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=996052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0222","reference_id":"RHSA-2014:0222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0223","reference_id":"RHSA-2014:0223","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0223"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132157?format=json","purl":"pkg:deb/debian/tiff@4.0.3-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.3-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2013-4243"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zmv8-tbdx-7bce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4726?format=json","vulnerability_id":"VCID-znt9-r8xc-bbek","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5322.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5322.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5322","reference_id":"","reference_type":"","scores":[{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39295","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346683","reference_id":"1346683","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346683"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5322"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znt9-r8xc-bbek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102767?format=json","vulnerability_id":"VCID-zq3e-3wzu-d3eh","summary":"tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to \"READ of size 78490\" and libtiff/tif_unix.c:115:23.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10268.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10268","reference_id":"","reference_type":"","scores":[{"value":"0.00194","scoring_system":"epss","scoring_elements":"0.4111","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10268"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438447","reference_id":"1438447","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1438447"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132201?format=json","purl":"pkg:deb/debian/tiff@4.0.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-10268"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zq3e-3wzu-d3eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6207?format=json","vulnerability_id":"VCID-zw8d-7hse-1fe1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10963.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10963.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10963","reference_id":"","reference_type":"","scores":[{"value":"0.00141","scoring_system":"epss","scoring_elements":"0.33903","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579058","reference_id":"1579058","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579058"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898348","reference_id":"898348","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898348"},{"reference_url":"https://security.archlinux.org/ASA-201811-18","reference_id":"ASA-201811-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201811-18"},{"reference_url":"https://security.archlinux.org/AVG-791","reference_id":"AVG-791","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-791"},{"reference_url":"https://security.archlinux.org/AVG-813","reference_id":"AVG-813","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2053","reference_id":"RHSA-2019:2053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2053"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132374?format=json","purl":"pkg:deb/debian/tiff@4.0.9-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.9-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2018-10963"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zw8d-7hse-1fe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4757?format=json","vulnerability_id":"VCID-zxv1-87z1-hkbr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8127.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8127.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8127","reference_id":"","reference_type":"","scores":[{"value":"0.01097","scoring_system":"epss","scoring_elements":"0.78345","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8127"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1547"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185805","reference_id":"1185805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1185805"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185","reference_id":"776185","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776185"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132162?format=json","purl":"pkg:deb/debian/tiff@4.0.6-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2014-8127"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zxv1-87z1-hkbr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4737?format=json","vulnerability_id":"VCID-zzch-261b-3ua1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3990.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3990.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3990","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63679","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326246","reference_id":"1326246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836570","reference_id":"836570","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836570"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3990"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zzch-261b-3ua1"}],"risk_score":"3.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"}