{"url":"http://public2.vulnerablecode.io/api/packages/185255?format=json","purl":"pkg:rpm/redhat/kdegraphics@7:3.3.1-15.el4_8?arch=2","type":"rpm","namespace":"redhat","name":"kdegraphics","version":"7:3.3.1-15.el4_8","qualifiers":{"arch":"2"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98397?format=json","vulnerability_id":"VCID-3kna-tmpr-wqdu","summary":"The Splash::drawImage function in Splash.cc in Xpdf 2.x and 3.x before 3.02pl4, and Poppler 0.x, as used in GPdf and kdegraphics KPDF, does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document that triggers a NULL pointer dereference or a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3604","reference_id":"","reference_type":"","scores":[{"value":"0.07495","scoring_system":"epss","scoring_elements":"0.91926","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07495","scoring_system":"epss","scoring_elements":"0.91938","published_at":"2026-06-05T12:55:00Z"},{"value":"0.07495","scoring_system":"epss","scoring_elements":"0.9194","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07495","scoring_system":"epss","scoring_elements":"0.91937","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526911","reference_id":"526911","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526911"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1500","reference_id":"RHSA-2009:1500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"}],"fixed_packages":[],"aliases":["CVE-2009-3604"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3kna-tmpr-wqdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98402?format=json","vulnerability_id":"VCID-3pfn-gq15-suez","summary":"Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote attackers to execute arbitrary code via a crafted PDF document that triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3608","reference_id":"","reference_type":"","scores":[{"value":"0.12664","scoring_system":"epss","scoring_elements":"0.94107","published_at":"2026-06-04T12:55:00Z"},{"value":"0.12664","scoring_system":"epss","scoring_elements":"0.94115","published_at":"2026-06-05T12:55:00Z"},{"value":"0.12664","scoring_system":"epss","scoring_elements":"0.94114","published_at":"2026-06-06T12:55:00Z"},{"value":"0.12664","scoring_system":"epss","scoring_elements":"0.94116","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526637","reference_id":"526637","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526637"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1504","reference_id":"RHSA-2009:1504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1513","reference_id":"RHSA-2009:1513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3608"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3pfn-gq15-suez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98395?format=json","vulnerability_id":"VCID-97fh-jnxr-zyc8","summary":"Integer overflow in the JBIG2 decoding feature in the SplashBitmap::SplashBitmap function in SplashBitmap.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.10.6, as used in GPdf and kdegraphics KPDF, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF document.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1188","reference_id":"","reference_type":"","scores":[{"value":"0.21975","scoring_system":"epss","scoring_elements":"0.95876","published_at":"2026-06-04T12:55:00Z"},{"value":"0.21975","scoring_system":"epss","scoring_elements":"0.9588","published_at":"2026-06-05T12:55:00Z"},{"value":"0.21975","scoring_system":"epss","scoring_elements":"0.95883","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1188"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=495907","reference_id":"495907","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=495907"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806","reference_id":"524806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779","reference_id":"575779","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://usn.ubuntu.com/759-1/","reference_id":"USN-759-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/759-1/"}],"fixed_packages":[],"aliases":["CVE-2009-1188"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-97fh-jnxr-zyc8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65543?format=json","vulnerability_id":"VCID-b3pu-9zxj-a3bv","summary":"Multiple integer overflows in Xpdf 2.x and 3.x and Poppler 0.x, as used in the pdftops filter in CUPS 1.1.17, 1.1.22, and 1.3.7, GPdf, and kdegraphics KPDF, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF file that triggers a heap-based buffer overflow, possibly related to (1) Decrypt.cxx, (2) FoFiTrueType.cxx, (3) gmem.c, (4) JBIG2Stream.cxx, and (5) PSOutputDev.cxx in pdftops/. NOTE: the JBIG2Stream.cxx vector may overlap CVE-2009-1179.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0791.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0791.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0791","reference_id":"","reference_type":"","scores":[{"value":"0.05022","scoring_system":"epss","scoring_elements":"0.89905","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05022","scoring_system":"epss","scoring_elements":"0.89921","published_at":"2026-06-05T12:55:00Z"},{"value":"0.05022","scoring_system":"epss","scoring_elements":"0.89922","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05022","scoring_system":"epss","scoring_elements":"0.89918","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0791"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0791"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=491840","reference_id":"491840","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=491840"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535489","reference_id":"535489","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0480","reference_id":"RHSA-2009:0480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1083","reference_id":"RHSA-2009:1083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1500","reference_id":"RHSA-2009:1500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0401","reference_id":"RHSA-2010:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0401"}],"fixed_packages":[],"aliases":["CVE-2009-0791"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b3pu-9zxj-a3bv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98403?format=json","vulnerability_id":"VCID-bzn5-1h8a-pufe","summary":"Integer overflow in the ImageStream::ImageStream function in Stream.cc in Xpdf before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, and CUPS pdftops, allows remote attackers to cause a denial of service (application crash) via a crafted PDF document that triggers a NULL pointer dereference or buffer over-read.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3609","reference_id":"","reference_type":"","scores":[{"value":"0.05999","scoring_system":"epss","scoring_elements":"0.90846","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05999","scoring_system":"epss","scoring_elements":"0.9086","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05999","scoring_system":"epss","scoring_elements":"0.90857","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3609"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=526893","reference_id":"526893","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=526893"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287","reference_id":"551287","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289","reference_id":"551289","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289"},{"reference_url":"https://security.gentoo.org/glsa/201310-03","reference_id":"GLSA-201310-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201310-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1500","reference_id":"RHSA-2009:1500","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1501","reference_id":"RHSA-2009:1501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1502","reference_id":"RHSA-2009:1502","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1503","reference_id":"RHSA-2009:1503","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1503"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1504","reference_id":"RHSA-2009:1504","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1504"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1512","reference_id":"RHSA-2009:1512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1512"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1513","reference_id":"RHSA-2009:1513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1513"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0401","reference_id":"RHSA-2010:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0401"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0755","reference_id":"RHSA-2010:0755","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0755"},{"reference_url":"https://usn.ubuntu.com/850-1/","reference_id":"USN-850-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-1/"},{"reference_url":"https://usn.ubuntu.com/850-3/","reference_id":"USN-850-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/850-3/"},{"reference_url":"https://usn.ubuntu.com/973-1/","reference_id":"USN-973-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/973-1/"}],"fixed_packages":[],"aliases":["CVE-2009-3609"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bzn5-1h8a-pufe"}],"fixing_vulnerabilities":[],"risk_score":"0.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kdegraphics@7:3.3.1-15.el4_8%3Farch=2"}