{"url":"http://public2.vulnerablecode.io/api/packages/318596?format=json","purl":"pkg:apk/alpine/exiv2@0.27.2-r0?arch=x86_64&distroversion=v3.19&reponame=community","type":"apk","namespace":"alpine","name":"exiv2","version":"0.27.2-r0","qualifiers":{"arch":"x86_64","distroversion":"v3.19","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.27.2-r6","latest_non_vulnerable_version":"0.28.2-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/138503?format=json","vulnerability_id":"VCID-1da7-wda3-queu","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13109.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13109.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13109","reference_id":"","reference_type":"","scores":[{"value":"0.00414","scoring_system":"epss","scoring_elements":"0.61837","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13109"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728484","reference_id":"1728484","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728484"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/318596?format=json","purl":"pkg:apk/alpine/exiv2@0.27.2-r0?arch=x86_64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.2-r0%3Farch=x86_64&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2019-13109"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1da7-wda3-queu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7719?format=json","vulnerability_id":"VCID-emda-3cut-ufft","summary":"http.c in Exiv2 through 0.27.1 allows a malicious http server to cause a denial of service (crash due to a NULL pointer dereference) by returning a crafted response that lacks a space character.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00009.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13114.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13114.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13114","reference_id":"","reference_type":"","scores":[{"value":"0.02667","scoring_system":"epss","scoring_elements":"0.8606","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13114"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/Exiv2/exiv2/issues/793","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://github.com/Exiv2/exiv2/issues/793"},{"reference_url":"https://github.com/Exiv2/exiv2/pull/815","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://github.com/Exiv2/exiv2/pull/815"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FGBT5OD2TF4AIXJUC56WOUJRHAZLZ4DC/"},{"reference_url":"https://support.f5.com/csp/article/K45429077?utm_source=f5support&amp%3Butm_medium=RSS","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://support.f5.com/csp/article/K45429077?utm_source=f5support&amp%3Butm_medium=RSS"},{"reference_url":"https://usn.ubuntu.com/4056-1/","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://usn.ubuntu.com/4056-1/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728494","reference_id":"1728494","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/318596?format=json","purl":"pkg:apk/alpine/exiv2@0.27.2-r0?arch=x86_64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.2-r0%3Farch=x86_64&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2019-13114","PYSEC-2019-257"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-emda-3cut-ufft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/138507?format=json","vulnerability_id":"VCID-fwtr-yyg7-xkcs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13113.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13113.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13113","reference_id":"","reference_type":"","scores":[{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44792","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13113"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728492","reference_id":"1728492","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728492"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/318596?format=json","purl":"pkg:apk/alpine/exiv2@0.27.2-r0?arch=x86_64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.2-r0%3Farch=x86_64&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2019-13113"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwtr-yyg7-xkcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/138504?format=json","vulnerability_id":"VCID-k5ks-esna-vqgj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13110.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13110.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13110","reference_id":"","reference_type":"","scores":[{"value":"0.01432","scoring_system":"epss","scoring_elements":"0.80988","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13110"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728486","reference_id":"1728486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728486"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/318596?format=json","purl":"pkg:apk/alpine/exiv2@0.27.2-r0?arch=x86_64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.2-r0%3Farch=x86_64&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2019-13110"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k5ks-esna-vqgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/138505?format=json","vulnerability_id":"VCID-mjeh-k2rm-rqb7","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13111.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13111.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13111","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.52045","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13111"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728488","reference_id":"1728488","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728488"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1577","reference_id":"RHSA-2020:1577","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/318596?format=json","purl":"pkg:apk/alpine/exiv2@0.27.2-r0?arch=x86_64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.2-r0%3Farch=x86_64&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2019-13111"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mjeh-k2rm-rqb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/138502?format=json","vulnerability_id":"VCID-xy57-p93q-suem","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13108.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13108.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13108","reference_id":"","reference_type":"","scores":[{"value":"0.00279","scoring_system":"epss","scoring_elements":"0.51533","published_at":"2026-05-30T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13108"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728481","reference_id":"1728481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728481"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/318596?format=json","purl":"pkg:apk/alpine/exiv2@0.27.2-r0?arch=x86_64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.2-r0%3Farch=x86_64&distroversion=v3.19&reponame=community"}],"aliases":["CVE-2019-13108"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xy57-p93q-suem"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/exiv2@0.27.2-r0%3Farch=x86_64&distroversion=v3.19&reponame=community"}