{"url":"http://public2.vulnerablecode.io/api/packages/197930?format=json","purl":"pkg:apk/alpine/mupdf@1.18.0-r1?arch=armv7&distroversion=v3.18&reponame=community","type":"apk","namespace":"alpine","name":"mupdf","version":"1.18.0-r1","qualifiers":{"arch":"armv7","distroversion":"v3.18","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/158732?format=json","vulnerability_id":"VCID-vcu2-v9jf-ufh5","summary":"A flaw was found in mupdf 1.18.0. Double free of object during linearization may lead to memory corruption and other potential consequences.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3407","reference_id":"","reference_type":"","scores":[{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70207","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00605","scoring_system":"epss","scoring_elements":"0.70117","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3407"},{"reference_url":"https://security.gentoo.org/glsa/202105-30","reference_id":"202105-30","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-22T15:23:10Z/"}],"url":"https://security.gentoo.org/glsa/202105-30"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983684","reference_id":"983684","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983684"},{"reference_url":"https://security.archlinux.org/AVG-1602","reference_id":"AVG-1602","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1602"},{"reference_url":"https://security.archlinux.org/AVG-1705","reference_id":"AVG-1705","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1705"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCADE3VSPWCGTE5BV4KL273R5VK3GDKM/","reference_id":"LCADE3VSPWCGTE5BV4KL273R5VK3GDKM","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-22T15:23:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LCADE3VSPWCGTE5BV4KL273R5VK3GDKM/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M44PNYCBL33OD7GC75XNE6CDS4VSGVWO/","reference_id":"M44PNYCBL33OD7GC75XNE6CDS4VSGVWO","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-22T15:23:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M44PNYCBL33OD7GC75XNE6CDS4VSGVWO/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html","reference_id":"msg00012.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-22T15:23:10Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2021/03/msg00012.html"},{"reference_url":"http://git.ghostscript.com/?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a","reference_id":"?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-22T15:23:10Z/"}],"url":"http://git.ghostscript.com/?p=mupdf.git%3Bh=cee7cefc610d42fd383b3c80c12cbc675443176a"},{"reference_url":"https://bugs.ghostscript.com/show_bug.cgi?id=703366","reference_id":"show_bug.cgi?id=703366","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-22T15:23:10Z/"}],"url":"https://bugs.ghostscript.com/show_bug.cgi?id=703366"},{"reference_url":"https://usn.ubuntu.com/7825-1/","reference_id":"USN-7825-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7825-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLC6MPH7YS6JPU427XOFRLF3KKZQUZJN/","reference_id":"ZLC6MPH7YS6JPU427XOFRLF3KKZQUZJN","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-22T15:23:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZLC6MPH7YS6JPU427XOFRLF3KKZQUZJN/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/197930?format=json","purl":"pkg:apk/alpine/mupdf@1.18.0-r1?arch=armv7&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mupdf@1.18.0-r1%3Farch=armv7&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2021-3407"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vcu2-v9jf-ufh5"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mupdf@1.18.0-r1%3Farch=armv7&distroversion=v3.18&reponame=community"}