{"url":"http://public2.vulnerablecode.io/api/packages/174091?format=json","purl":"pkg:deb/debian/exiv2@0.17-1?distro=trixie","type":"deb","namespace":"debian","name":"exiv2","version":"0.17-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.24-4.1","latest_non_vulnerable_version":"0.28.8+dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7031?format=json","vulnerability_id":"VCID-pfrj-s55f-7ubw","summary":"Exiv2 0.16 allows user-assisted remote attackers to cause a denial of service (divide-by-zero and application crash) via a zero value in Nikon lens information in the metadata of an image, related to \"pretty printing\" and the RationalValue::toLong function.","references":[{"reference_url":"http://bugzilla.gnome.org/show_bug.cgi?id=524715","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.gnome.org/show_bug.cgi?id=524715"},{"reference_url":"http://dev.robotbattle.com/bugs/view.php?id=0000546","reference_id":"","reference_type":"","scores":[],"url":"http://dev.robotbattle.com/bugs/view.php?id=0000546"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00012.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2696.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2696","reference_id":"","reference_type":"","scores":[{"value":"0.01783","scoring_system":"epss","scoring_elements":"0.83044","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2696"},{"reference_url":"http://secunia.com/advisories/30519","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/30519"},{"reference_url":"http://secunia.com/advisories/32273","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/32273"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42885","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/42885"},{"reference_url":"http://www.exiv2.org/changelog.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.exiv2.org/changelog.html"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:119","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:119"},{"reference_url":"http://www.securityfocus.com/bid/29586","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/29586"},{"reference_url":"http://www.ubuntu.com/usn/usn-655-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-655-1"},{"reference_url":"http://www.vupen.com/english/advisories/2008/1766/references","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2008/1766/references"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=451613","reference_id":"451613","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=451613"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486328","reference_id":"486328","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486328"},{"reference_url":"https://usn.ubuntu.com/655-1/","reference_id":"USN-655-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/655-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/174091?format=json","purl":"pkg:deb/debian/exiv2@0.17-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.17-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/174087?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5m46-2feu-yuh1"},{"vulnerability":"VCID-9nxb-v8b8-bkcf"},{"vulnerability":"VCID-bpyz-ymzy-zufs"},{"vulnerability":"VCID-cs4q-3rwr-vke4"},{"vulnerability":"VCID-jtxa-kc5c-z7cr"},{"vulnerability":"VCID-p48j-jh17-7fa9"},{"vulnerability":"VCID-pxbv-ypp8-wkfs"},{"vulnerability":"VCID-yyhh-t98b-cyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/174085?format=json","purl":"pkg:deb/debian/exiv2@0.27.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5m46-2feu-yuh1"},{"vulnerability":"VCID-9nxb-v8b8-bkcf"},{"vulnerability":"VCID-bpyz-ymzy-zufs"},{"vulnerability":"VCID-cs4q-3rwr-vke4"},{"vulnerability":"VCID-jtxa-kc5c-z7cr"},{"vulnerability":"VCID-p48j-jh17-7fa9"},{"vulnerability":"VCID-yyhh-t98b-cyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/174089?format=json","purl":"pkg:deb/debian/exiv2@0.28.5%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-9nxb-v8b8-bkcf"},{"vulnerability":"VCID-bpyz-ymzy-zufs"},{"vulnerability":"VCID-cs4q-3rwr-vke4"},{"vulnerability":"VCID-p48j-jh17-7fa9"},{"vulnerability":"VCID-yyhh-t98b-cyen"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.28.5%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/174088?format=json","purl":"pkg:deb/debian/exiv2@0.28.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.28.8%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2008-2696","PYSEC-2008-11"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pfrj-s55f-7ubw"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.17-1%3Fdistro=trixie"}