{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","type":"apk","namespace":"alpine","name":"imagemagick6","version":"6.9.10.37-r0","qualifiers":{"arch":"aarch64","distroversion":"v3.10","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"6.9.10.43-r0","latest_non_vulnerable_version":"6.9.10.55-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73383?format=json","vulnerability_id":"VCID-1aaa-7e5u-b3e5","summary":"In ImageMagick 7.0.8-13 Q16, there is an infinite loop in the ReadBMPImage function of the coders/bmp.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18024.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18024.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18024","reference_id":"","reference_type":"","scores":[{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55408","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55464","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55469","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55458","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55438","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55457","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18024"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1637189","reference_id":"1637189","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1637189"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/6980-1/","reference_id":"USN-6980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-18024"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1aaa-7e5u-b3e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73389?format=json","vulnerability_id":"VCID-1m5d-pcn2-ffaq","summary":"ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5357.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5357.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5357","reference_id":"","reference_type":"","scores":[{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71382","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71426","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71432","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71409","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71394","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71418","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5357"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5357","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5357"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534382","reference_id":"1534382","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534382"},{"reference_url":"https://usn.ubuntu.com/3681-1/","reference_id":"USN-3681-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3681-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-5357"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1m5d-pcn2-ffaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73363?format=json","vulnerability_id":"VCID-3ddj-urt7-5fcr","summary":"There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16645.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16645.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16645","reference_id":"","reference_type":"","scores":[{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61811","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.6186","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61868","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61857","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61842","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00413","scoring_system":"epss","scoring_elements":"0.61859","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16645"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626611","reference_id":"1626611","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626611"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910889","reference_id":"910889","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16645"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ddj-urt7-5fcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73489?format=json","vulnerability_id":"VCID-3p5a-c4mb-9qau","summary":"In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage in coders/pcd.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7175.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7175.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7175","reference_id":"","reference_type":"","scores":[{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.3934","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39428","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39433","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39404","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39375","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39389","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1687436","reference_id":"1687436","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1687436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/7053-1/","reference_id":"USN-7053-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7053-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2019-7175"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3p5a-c4mb-9qau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73492?format=json","vulnerability_id":"VCID-3vr4-ntcq-f7h7","summary":"In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7398.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7398.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7398","reference_id":"","reference_type":"","scores":[{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40328","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40408","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40411","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40383","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40354","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40369","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7398"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672560","reference_id":"1672560","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672560"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/7068-1/","reference_id":"USN-7068-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7068-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2019-7398"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3vr4-ntcq-f7h7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73386?format=json","vulnerability_id":"VCID-4t1a-mm35-nuba","summary":"In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5246.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5246.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5246","reference_id":"","reference_type":"","scores":[{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71382","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71426","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71432","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71409","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71394","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71418","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5246"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5246","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5246"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1533546","reference_id":"1533546","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1533546"},{"reference_url":"https://usn.ubuntu.com/3681-1/","reference_id":"USN-3681-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3681-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-5246"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4t1a-mm35-nuba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73391?format=json","vulnerability_id":"VCID-51ds-s58k-pfb3","summary":"In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new pointer. The previous pointer is lost, which leads to a memory leak. This allows remote attackers to cause a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6405.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6405.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6405","reference_id":"","reference_type":"","scores":[{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.68135","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.68175","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.68176","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.68183","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.6816","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6405"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1541866","reference_id":"1541866","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1541866"},{"reference_url":"https://usn.ubuntu.com/3681-1/","reference_id":"USN-3681-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3681-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-6405"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-51ds-s58k-pfb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73366?format=json","vulnerability_id":"VCID-5712-5jda-1khf","summary":"In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16749.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16749.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16749","reference_id":"","reference_type":"","scores":[{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47583","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47647","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47648","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47631","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47602","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47614","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16749"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16749","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16749"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1627916","reference_id":"1627916","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1627916"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16749"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5712-5jda-1khf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73343?format=json","vulnerability_id":"VCID-5ant-ads4-hygf","summary":"ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16412.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16412.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16412","reference_id":"","reference_type":"","scores":[{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78757","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78783","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78791","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78781","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.7877","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01141","scoring_system":"epss","scoring_elements":"0.78788","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625429","reference_id":"1625429","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625429"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910887","reference_id":"910887","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910887"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/6980-1/","reference_id":"USN-6980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16412"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ant-ads4-hygf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73333?format=json","vulnerability_id":"VCID-5fm6-uckb-xkgt","summary":"The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14551.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14551.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14551","reference_id":"","reference_type":"","scores":[{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51923","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51984","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51993","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51972","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.51941","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00283","scoring_system":"epss","scoring_elements":"0.5196","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14551"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610620","reference_id":"1610620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610620"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904713","reference_id":"904713","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904713"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-14551"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5fm6-uckb-xkgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73490?format=json","vulnerability_id":"VCID-5qem-h76h-ukbv","summary":"In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7395.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7395.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7395","reference_id":"","reference_type":"","scores":[{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84352","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84376","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84379","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84372","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.8436","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84373","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672576","reference_id":"1672576","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672576"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2019-7395"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5qem-h76h-ukbv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73394?format=json","vulnerability_id":"VCID-869r-hxwp-jqh1","summary":"An issue was discovered in ImageMagick 7.0.7-22 Q16. The IsWEBPImageLossless function in coders/webp.c allows attackers to cause a denial of service (segmentation violation) via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7470.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7470.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7470","reference_id":"","reference_type":"","scores":[{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46288","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46356","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46358","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46337","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46311","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00233","scoring_system":"epss","scoring_elements":"0.46321","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7470"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549786","reference_id":"1549786","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549786"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891420","reference_id":"891420","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891420"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-7470"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-869r-hxwp-jqh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73329?format=json","vulnerability_id":"VCID-a7cy-7ckr-wyav","summary":"ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14437.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14437.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14437","reference_id":"","reference_type":"","scores":[{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34777","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34873","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3489","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34854","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34817","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34839","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14437"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14437","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14437"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609942","reference_id":"1609942","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-14437"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7cy-7ckr-wyav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4144?format=json","vulnerability_id":"VCID-bfqg-ra23-ubch","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9956.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9956.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9956","reference_id":"","reference_type":"","scores":[{"value":"0.00789","scoring_system":"epss","scoring_elements":"0.7423","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00789","scoring_system":"epss","scoring_elements":"0.74236","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00789","scoring_system":"epss","scoring_elements":"0.74268","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00789","scoring_system":"epss","scoring_elements":"0.74254","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00789","scoring_system":"epss","scoring_elements":"0.74263","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-9956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10650","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10650"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9956"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1692300","reference_id":"1692300","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1692300"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925395","reference_id":"925395","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925395"},{"reference_url":"https://security.archlinux.org/ASA-201903-15","reference_id":"ASA-201903-15","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201903-15"},{"reference_url":"https://security.archlinux.org/AVG-931","reference_id":"AVG-931","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-931"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/7068-1/","reference_id":"USN-7068-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7068-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2019-9956"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bfqg-ra23-ubch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73312?format=json","vulnerability_id":"VCID-bq18-sbze-bbfu","summary":"In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12599.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12599","reference_id":"","reference_type":"","scores":[{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58105","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58156","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58164","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58152","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58138","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58155","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5248"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1594338","reference_id":"1594338","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1594338"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902727","reference_id":"902727","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902727"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3711-1/","reference_id":"USN-3711-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3711-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-12599"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bq18-sbze-bbfu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73372?format=json","vulnerability_id":"VCID-cw5v-w537-e3dn","summary":"ImageMagick 7.0.7-28 has a memory leak vulnerability in WriteSGIImage in coders/sgi.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17965.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17965.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17965","reference_id":"","reference_type":"","scores":[{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59745","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59794","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59798","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5979","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5977","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59789","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17965"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636592","reference_id":"1636592","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636592"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-17965"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cw5v-w537-e3dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73400?format=json","vulnerability_id":"VCID-dxkg-xfvb-bugf","summary":"In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10649.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10649.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10649","reference_id":"","reference_type":"","scores":[{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57445","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57498","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57507","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57497","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57485","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57503","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10649"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700417","reference_id":"1700417","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700417"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2019-10649"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dxkg-xfvb-bugf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73357?format=json","vulnerability_id":"VCID-ea65-7r4s-7ygh","summary":"The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16643.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16643.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16643","reference_id":"","reference_type":"","scores":[{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56841","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56892","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56899","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56888","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56873","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00338","scoring_system":"epss","scoring_elements":"0.56889","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16643"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16643","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16643"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626599","reference_id":"1626599","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16643"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ea65-7r4s-7ygh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73398?format=json","vulnerability_id":"VCID-esj7-jduq-uqat","summary":"In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9135.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9135.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9135","reference_id":"","reference_type":"","scores":[{"value":"0.00404","scoring_system":"epss","scoring_elements":"0.61241","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00404","scoring_system":"epss","scoring_elements":"0.61289","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00404","scoring_system":"epss","scoring_elements":"0.61297","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00404","scoring_system":"epss","scoring_elements":"0.61283","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00404","scoring_system":"epss","scoring_elements":"0.61266","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00404","scoring_system":"epss","scoring_elements":"0.61285","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9135"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1563889","reference_id":"1563889","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1563889"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-9135"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-esj7-jduq-uqat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73385?format=json","vulnerability_id":"VCID-eu81-zu67-9yfr","summary":"In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20467.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20467.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20467","reference_id":"","reference_type":"","scores":[{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59384","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59435","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59438","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59429","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.5941","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59427","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20467"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20467","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20467"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1664845","reference_id":"1664845","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1664845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917326","reference_id":"917326","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/6980-1/","reference_id":"USN-6980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-20467"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eu81-zu67-9yfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73401?format=json","vulnerability_id":"VCID-fk6f-zae1-3yc5","summary":"In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10650.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10650.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10650","reference_id":"","reference_type":"","scores":[{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66031","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66083","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66095","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66079","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66067","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00493","scoring_system":"epss","scoring_elements":"0.66084","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10650"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10650","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10650"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9956"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700755","reference_id":"1700755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1700755"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926091","reference_id":"926091","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926091"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/6985-1/","reference_id":"USN-6985-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6985-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2019-10650"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fk6f-zae1-3yc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73375?format=json","vulnerability_id":"VCID-fx1r-nrkb-9kg6","summary":"ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePDBImage in coders/pdb.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17966.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17966.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17966","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26552","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26654","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26645","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26606","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26551","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26557","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17966"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636587","reference_id":"1636587","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/6980-1/","reference_id":"USN-6980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-17966"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fx1r-nrkb-9kg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73320?format=json","vulnerability_id":"VCID-g53j-srtx-6fcm","summary":"ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14434.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14434.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14434","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36569","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36662","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36671","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36635","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36597","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36607","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14434"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14434","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14434"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609933","reference_id":"1609933","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-14434"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g53j-srtx-6fcm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71719?format=json","vulnerability_id":"VCID-gexb-b5v2-yqbc","summary":"There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18544.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18544.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18544","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28103","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28174","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28124","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28086","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28043","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28047","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18544"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642614","reference_id":"1642614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-18544"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gexb-b5v2-yqbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73369?format=json","vulnerability_id":"VCID-gqf3-ydyc-yqbs","summary":"In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16750.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16750.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16750","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3222","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32292","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32261","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32223","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32193","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32217","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16750"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16750","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16750"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1627917","reference_id":"1627917","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1627917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16750"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqf3-ydyc-yqbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73354?format=json","vulnerability_id":"VCID-gr6u-9dgy-m3e8","summary":"The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16642.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16642","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54205","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54261","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.5427","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54259","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54236","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54257","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626591","reference_id":"1626591","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16642"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gr6u-9dgy-m3e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73360?format=json","vulnerability_id":"VCID-h21y-kaya-zqen","summary":"There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16644.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16644.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16644","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48839","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.489","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48909","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48891","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48861","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48875","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16644"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626606","reference_id":"1626606","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626606"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910888","reference_id":"910888","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910888"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16644"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h21y-kaya-zqen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73384?format=json","vulnerability_id":"VCID-hnwp-rs81-2udy","summary":"In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read in the EncodeImage function of coders/pict.c, which allows attackers to cause a denial of service via a crafted SVG image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18025.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18025.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18025","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43157","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.4323","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43238","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43217","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43182","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43192","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18025"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1637191","reference_id":"1637191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1637191"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911435","reference_id":"911435","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911435"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/6980-1/","reference_id":"USN-6980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-18025"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hnwp-rs81-2udy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73378?format=json","vulnerability_id":"VCID-hpxe-r3vp-jfe4","summary":"ImageMagick 7.0.7-28 has a memory leak vulnerability in ReadBGRImage in coders/bgr.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17967.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17967.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17967","reference_id":"","reference_type":"","scores":[{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59592","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59643","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59618","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59646","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59637","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17967"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17967","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17967"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636590","reference_id":"1636590","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-17967"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hpxe-r3vp-jfe4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73387?format=json","vulnerability_id":"VCID-jdjz-7rzu-5uce","summary":"In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5247.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5247.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5247","reference_id":"","reference_type":"","scores":[{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68959","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68998","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.69007","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.69","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68984","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.69004","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5247"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5247","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5247"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1533553","reference_id":"1533553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1533553"},{"reference_url":"https://usn.ubuntu.com/3681-1/","reference_id":"USN-3681-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3681-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-5247"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jdjz-7rzu-5uce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73323?format=json","vulnerability_id":"VCID-jhag-d3vb-9uhc","summary":"ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14435.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14435.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14435","reference_id":"","reference_type":"","scores":[{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34777","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34873","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3489","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34854","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34817","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34839","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14435"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14435","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14435"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609936","reference_id":"1609936","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609936"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-14435"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jhag-d3vb-9uhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73390?format=json","vulnerability_id":"VCID-n2h4-s9k3-a7gf","summary":"ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5358.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5358.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5358","reference_id":"","reference_type":"","scores":[{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61372","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61419","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61426","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61413","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61395","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61416","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5358"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5358","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5358"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534380","reference_id":"1534380","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534380"},{"reference_url":"https://usn.ubuntu.com/3681-1/","reference_id":"USN-3681-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3681-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-5358"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n2h4-s9k3-a7gf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73325?format=json","vulnerability_id":"VCID-neqd-ce55-9qfv","summary":"ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14436.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14436.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14436","reference_id":"","reference_type":"","scores":[{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34777","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34873","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.3489","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34854","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34817","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34839","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14436"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14436","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14436"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609939","reference_id":"1609939","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-14436"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-neqd-ce55-9qfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73491?format=json","vulnerability_id":"VCID-nsbs-fjmy-m7d2","summary":"In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7396.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7396","reference_id":"","reference_type":"","scores":[{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84352","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84376","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84379","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84372","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.8436","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02095","scoring_system":"epss","scoring_elements":"0.84373","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672567","reference_id":"1672567","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672567"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2019-7396"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nsbs-fjmy-m7d2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73335?format=json","vulnerability_id":"VCID-p9q3-e6ba-s7bk","summary":"In ImageMagick 7.0.8-11 Q16, a tiny input file 0x50 0x36 0x36 0x36 0x36 0x4c 0x36 0x38 0x36 0x36 0x36 0x36 0x36 0x36 0x1f 0x35 0x50 0x00 can result in a hang of several minutes during which CPU and memory resources are consumed until ultimately an attempted large memory allocation fails. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15607.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15607.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15607","reference_id":"","reference_type":"","scores":[{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71091","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71133","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.7114","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71123","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71109","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00645","scoring_system":"epss","scoring_elements":"0.71134","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15607"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1622738","reference_id":"1622738","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1622738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-15607"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p9q3-e6ba-s7bk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73346?format=json","vulnerability_id":"VCID-pq1w-bp1f-zbdx","summary":"ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16413.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16413.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16413","reference_id":"","reference_type":"","scores":[{"value":"0.0035","scoring_system":"epss","scoring_elements":"0.57719","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0035","scoring_system":"epss","scoring_elements":"0.57771","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0035","scoring_system":"epss","scoring_elements":"0.5778","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0035","scoring_system":"epss","scoring_elements":"0.5777","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0035","scoring_system":"epss","scoring_elements":"0.57757","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0035","scoring_system":"epss","scoring_elements":"0.57774","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16413"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16412"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16413"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16644"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16645"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625430","reference_id":"1625430","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1625430"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910887","reference_id":"910887","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910887"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/6980-1/","reference_id":"USN-6980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16413"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pq1w-bp1f-zbdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73397?format=json","vulnerability_id":"VCID-pzkf-p1kb-xqdr","summary":"ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tiff file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9133.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-9133.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9133","reference_id":"","reference_type":"","scores":[{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50178","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50239","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50247","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50229","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.502","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.50219","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9133"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1563875","reference_id":"1563875","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1563875"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894848","reference_id":"894848","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894848"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3681-1/","reference_id":"USN-3681-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3681-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-9133"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pzkf-p1kb-xqdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73315?format=json","vulnerability_id":"VCID-qmup-bbwd-tuej","summary":"In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12600.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12600.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12600","reference_id":"","reference_type":"","scores":[{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58105","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58156","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58164","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58152","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58138","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00355","scoring_system":"epss","scoring_elements":"0.58155","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11251","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11251"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5248","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5248"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1594339","reference_id":"1594339","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1594339"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902728","reference_id":"902728","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902728"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3711-1/","reference_id":"USN-3711-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3711-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-12600"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qmup-bbwd-tuej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73341?format=json","vulnerability_id":"VCID-rze5-31jb-6bdx","summary":"In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16329.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16329.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16329","reference_id":"","reference_type":"","scores":[{"value":"0.00372","scoring_system":"epss","scoring_elements":"0.59272","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00372","scoring_system":"epss","scoring_elements":"0.59323","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00372","scoring_system":"epss","scoring_elements":"0.59327","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00372","scoring_system":"epss","scoring_elements":"0.59318","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00372","scoring_system":"epss","scoring_elements":"0.59299","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00372","scoring_system":"epss","scoring_elements":"0.59316","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16329"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1624957","reference_id":"1624957","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1624957"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16329"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rze5-31jb-6bdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73396?format=json","vulnerability_id":"VCID-snpz-mkbm-myg7","summary":"The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8960.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8960.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8960","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52502","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52561","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.5257","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52551","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52523","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52545","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8960"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561190","reference_id":"1561190","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1561190"},{"reference_url":"https://usn.ubuntu.com/3681-1/","reference_id":"USN-3681-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3681-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-8960"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-snpz-mkbm-myg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73393?format=json","vulnerability_id":"VCID-sz9m-kmg1-kyde","summary":"The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7443.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7443.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7443","reference_id":"","reference_type":"","scores":[{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59308","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59359","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59363","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59354","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59335","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00373","scoring_system":"epss","scoring_elements":"0.59352","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7443"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549668","reference_id":"1549668","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1549668"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891291","reference_id":"891291","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891291"},{"reference_url":"https://usn.ubuntu.com/3681-1/","reference_id":"USN-3681-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3681-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-7443"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sz9m-kmg1-kyde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73349?format=json","vulnerability_id":"VCID-u5jx-s7xw-ufc1","summary":"ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16640.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16640.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16640","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45384","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45453","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45457","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45437","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45412","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45425","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16640"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16640","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16640"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626570","reference_id":"1626570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1626570"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3785-1/","reference_id":"USN-3785-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3785-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-16640"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u5jx-s7xw-ufc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73395?format=json","vulnerability_id":"VCID-vevb-sfux-a7eu","summary":"WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8804.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8804","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59007","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59055","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59035","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.5906","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59052","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-8804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8804"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559892","reference_id":"1559892","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559892"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3681-1/","reference_id":"USN-3681-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3681-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-8804"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vevb-sfux-a7eu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73381?format=json","vulnerability_id":"VCID-w4ug-qsr9-9bas","summary":"ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in coders/pcx.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18016.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18016.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18016","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24639","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24739","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24729","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24673","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24615","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24624","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18016"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636579","reference_id":"1636579","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1636579"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/6980-1/","reference_id":"USN-6980-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6980-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-18016"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w4ug-qsr9-9bas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71741?format=json","vulnerability_id":"VCID-w88m-nrnj-gbh7","summary":"In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7397.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7397.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7397","reference_id":"","reference_type":"","scores":[{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44723","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44793","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44799","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44778","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44747","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44759","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7397"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672564","reference_id":"1672564","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672564"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/4034-1/","reference_id":"USN-4034-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4034-1/"},{"reference_url":"https://usn.ubuntu.com/7068-1/","reference_id":"USN-7068-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7068-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2019-7397"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w88m-nrnj-gbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73318?format=json","vulnerability_id":"VCID-zfwn-2tn6-97ek","summary":"In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13153.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13153.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13153","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43795","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43866","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43874","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43849","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43814","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43825","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13153"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13153","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13153"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1598471","reference_id":"1598471","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1598471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1180","reference_id":"RHSA-2020:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1180"},{"reference_url":"https://usn.ubuntu.com/3711-1/","reference_id":"USN-3711-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3711-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/319660?format=json","purl":"pkg:apk/alpine/imagemagick6@6.9.10.37-r0?arch=aarch64&distroversion=v3.10&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}],"aliases":["CVE-2018-13153"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zfwn-2tn6-97ek"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/imagemagick6@6.9.10.37-r0%3Farch=aarch64&distroversion=v3.10&reponame=community"}