{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","type":"deb","namespace":"debian","name":"tiff","version":"4.0.7-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.0.7-2","latest_non_vulnerable_version":"4.7.1-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102795?format=json","vulnerability_id":"VCID-24bg-v8c6-q3f6","summary":"In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activation point is in the bmp2tiff.c file (which was removed before the 4.0.7 release).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9117.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9117","reference_id":"","reference_type":"","scores":[{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29565","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29634","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00114","scoring_system":"epss","scoring_elements":"0.29596","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9117"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1456756","reference_id":"1456756","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1456756"},{"reference_url":"https://usn.ubuntu.com/3606-1/","reference_id":"USN-3606-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3606-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-9117"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-24bg-v8c6-q3f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4736?format=json","vulnerability_id":"VCID-346w-g3br-qyfj","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3991.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3991.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3991","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63679","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63721","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63728","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326249","reference_id":"1326249","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326249"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3991"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-346w-g3br-qyfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4717?format=json","vulnerability_id":"VCID-4gq3-smes-y3ej","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9532.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9532.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9532","reference_id":"","reference_type":"","scores":[{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69444","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69483","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00585","scoring_system":"epss","scoring_elements":"0.69491","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397726","reference_id":"1397726","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397726"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844057","reference_id":"844057","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844057"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9532"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gq3-smes-y3ej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4714?format=json","vulnerability_id":"VCID-5bpk-63mp-myea","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9535.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9535.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9535","reference_id":"","reference_type":"","scores":[{"value":"0.00604","scoring_system":"epss","scoring_elements":"0.70023","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00604","scoring_system":"epss","scoring_elements":"0.69974","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00604","scoring_system":"epss","scoring_elements":"0.70014","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10267"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10269"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3658"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9535"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7592"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7602"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397755","reference_id":"1397755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397755"},{"reference_url":"https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1","reference_id":"3ca657a8793dd011bf869695d72ad31c779c3cc1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:24:50Z/"}],"url":"https://github.com/vadz/libtiff/commit/3ca657a8793dd011bf869695d72ad31c779c3cc1"},{"reference_url":"https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33","reference_id":"6a984bf7905c6621281588431f384e79d11a2e33","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:24:50Z/"}],"url":"https://github.com/vadz/libtiff/commit/6a984bf7905c6621281588431f384e79d11a2e33"},{"reference_url":"http://www.securityfocus.com/bid/94484","reference_id":"94484","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:24:50Z/"}],"url":"http://www.securityfocus.com/bid/94484"},{"reference_url":"http://www.securityfocus.com/bid/94744","reference_id":"94744","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:24:50Z/"}],"url":"http://www.securityfocus.com/bid/94744"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"http://www.debian.org/security/2017/dsa-3844","reference_id":"dsa-3844","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:24:50Z/"}],"url":"http://www.debian.org/security/2017/dsa-3844"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2017-0225.html","reference_id":"RHSA-2017-0225.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-05-29T20:24:50Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2017-0225.html"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9535"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bpk-63mp-myea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4716?format=json","vulnerability_id":"VCID-ajjg-j3u3-87hb","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9533.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9533.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9533","reference_id":"","reference_type":"","scores":[{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45092","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45161","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45165","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397769","reference_id":"1397769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397769"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9533"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajjg-j3u3-87hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4709?format=json","vulnerability_id":"VCID-eane-ev3e-93d3","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9540.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9540.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9540","reference_id":"","reference_type":"","scores":[{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62196","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62245","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00419","scoring_system":"epss","scoring_elements":"0.62252","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397768","reference_id":"1397768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397768"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9540"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eane-ev3e-93d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4711?format=json","vulnerability_id":"VCID-f79u-ccnn-fkb2","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9538.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9538.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9538","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62059","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62108","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62115","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397765","reference_id":"1397765","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397765"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9538"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f79u-ccnn-fkb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4755?format=json","vulnerability_id":"VCID-gr1x-z5t8-j3eh","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7313.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7313.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7313","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32379","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32451","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32419","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7313"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7313"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1265998","reference_id":"1265998","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1265998"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800124","reference_id":"800124","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=800124"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2015-7313"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gr1x-z5t8-j3eh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4720?format=json","vulnerability_id":"VCID-h17a-js2a-x7dh","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9297.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9297.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9297","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57876","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57929","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57937","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395264","reference_id":"1395264","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395264"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844226","reference_id":"844226","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844226"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9297"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h17a-js2a-x7dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4715?format=json","vulnerability_id":"VCID-hep7-wa9u-ybbb","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9534.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9534.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9534","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63863","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63905","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63912","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397751","reference_id":"1397751","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397751"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9534"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hep7-wa9u-ybbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4713?format=json","vulnerability_id":"VCID-k5c9-5xnv-57f7","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9536.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9536","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62059","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62108","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62115","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397758","reference_id":"1397758","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397758"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9536"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k5c9-5xnv-57f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4710?format=json","vulnerability_id":"VCID-nubb-rk2q-z3de","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9539.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9539","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62059","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62108","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62115","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9539"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397767","reference_id":"1397767","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397767"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9539"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nubb-rk2q-z3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4747?format=json","vulnerability_id":"VCID-rarp-cytw-9yfq","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3622.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3622.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3622","reference_id":"","reference_type":"","scores":[{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76137","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76162","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00906","scoring_system":"epss","scoring_elements":"0.76165","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1324823","reference_id":"1324823","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1324823"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820365","reference_id":"820365","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820365"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3622"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rarp-cytw-9yfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4721?format=json","vulnerability_id":"VCID-tht3-q94h-yya1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9273.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9273.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9273","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65584","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65637","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65648","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395164","reference_id":"1395164","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1395164"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844013","reference_id":"844013","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844013"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9273"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tht3-q94h-yya1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4738?format=json","vulnerability_id":"VCID-um8a-bvjq-abgy","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3945.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3945","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36328","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36421","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.3643","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325093","reference_id":"1325093","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1325093"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-4/","reference_id":"USN-3212-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3945"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-um8a-bvjq-abgy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/102783?format=json","vulnerability_id":"VCID-wvp7-k93h-6ubw","summary":"LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5563.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5563.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5563","reference_id":"","reference_type":"","scores":[{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58027","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58079","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00354","scoring_system":"epss","scoring_elements":"0.58087","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5563"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5563","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5563"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416109","reference_id":"1416109","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416109"},{"reference_url":"https://security.gentoo.org/glsa/201709-27","reference_id":"GLSA-201709-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-27"},{"reference_url":"https://usn.ubuntu.com/3606-1/","reference_id":"USN-3606-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3606-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2017-5563"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wvp7-k93h-6ubw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4712?format=json","vulnerability_id":"VCID-z6yx-cgpy-cqax","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9537.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9537.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9537","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62059","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62108","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62115","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397760","reference_id":"1397760","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1397760"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0225","reference_id":"RHSA-2017:0225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0225"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-9537"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z6yx-cgpy-cqax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4726?format=json","vulnerability_id":"VCID-znt9-r8xc-bbek","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5322.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5322.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5322","reference_id":"","reference_type":"","scores":[{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39295","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39384","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39388","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346683","reference_id":"1346683","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1346683"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-5322"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znt9-r8xc-bbek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4737?format=json","vulnerability_id":"VCID-zzch-261b-3ua1","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3990.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3990.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3990","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63679","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63721","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63728","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10093"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10094"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3622"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3623"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3624"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5315"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5317"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5321"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5322"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6223"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9453"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9537"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326246","reference_id":"1326246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1326246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836570","reference_id":"836570","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836570"},{"reference_url":"https://security.archlinux.org/ASA-201611-26","reference_id":"ASA-201611-26","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-26"},{"reference_url":"https://security.archlinux.org/ASA-201611-27","reference_id":"ASA-201611-27","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201611-27"},{"reference_url":"https://security.archlinux.org/AVG-85","reference_id":"AVG-85","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-85"},{"reference_url":"https://security.archlinux.org/AVG-86","reference_id":"AVG-86","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-86"},{"reference_url":"https://security.gentoo.org/glsa/201701-16","reference_id":"GLSA-201701-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-16"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1546","reference_id":"RHSA-2016:1546","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1546"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1547","reference_id":"RHSA-2016:1547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1547"},{"reference_url":"https://usn.ubuntu.com/3212-1/","reference_id":"USN-3212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-1/"},{"reference_url":"https://usn.ubuntu.com/3212-3/","reference_id":"USN-3212-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3212-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/132182?format=json","purl":"pkg:deb/debian/tiff@4.0.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132045?format=json","purl":"pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-anfx-xj8v-kfg8"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-hhgz-j76b-k7d4"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"},{"vulnerability":"VCID-xms6-c2j7-hfh8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132043?format=json","purl":"pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-5zvp-ysut-juep"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-6v96-k8cs-13f7"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-c7nt-5d64-kkev"},{"vulnerability":"VCID-cpk7-uyvf-3kb6"},{"vulnerability":"VCID-d52s-g5c7-qka3"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-gyvd-4m8g-jkdu"},{"vulnerability":"VCID-kxdc-8rht-vfdy"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-nwgs-pqj7-xkbs"},{"vulnerability":"VCID-su9v-ewt3-6ua8"},{"vulnerability":"VCID-xg35-8jbc-wqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132047?format=json","purl":"pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5qdp-vzrd-uqgc"},{"vulnerability":"VCID-6hf4-rc1a-pbg6"},{"vulnerability":"VCID-92dt-g6m8-fufk"},{"vulnerability":"VCID-fbks-9s7e-wfcj"},{"vulnerability":"VCID-n3p5-9ykg-sufd"},{"vulnerability":"VCID-su9v-ewt3-6ua8"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/132046?format=json","purl":"pkg:deb/debian/tiff@4.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"}],"aliases":["CVE-2016-3990"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zzch-261b-3ua1"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.7-1%3Fdistro=trixie"}