{"url":"http://public2.vulnerablecode.io/api/packages/347707?format=json","purl":"pkg:apk/alpine/libexif@0.6.21-r0?arch=aarch64&distroversion=v3.18&reponame=community","type":"apk","namespace":"alpine","name":"libexif","version":"0.6.21-r0","qualifiers":{"arch":"aarch64","distroversion":"v3.18","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.6.21-r3","latest_non_vulnerable_version":"0.6.23-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75996?format=json","vulnerability_id":"VCID-1qye-wx7e-puda","summary":"Off-by-one error in the exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2840.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2840","reference_id":"","reference_type":"","scores":[{"value":"0.02397","scoring_system":"epss","scoring_elements":"0.85329","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02397","scoring_system":"epss","scoring_elements":"0.85352","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02397","scoring_system":"epss","scoring_elements":"0.85357","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2840"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454","reference_id":"681454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=839188","reference_id":"839188","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=839188"},{"reference_url":"https://security.gentoo.org/glsa/201401-10","reference_id":"GLSA-201401-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1255","reference_id":"RHSA-2012:1255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1255"},{"reference_url":"https://usn.ubuntu.com/1513-1/","reference_id":"USN-1513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1513-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/347707?format=json","purl":"pkg:apk/alpine/libexif@0.6.21-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libexif@0.6.21-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2012-2840"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1qye-wx7e-puda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75988?format=json","vulnerability_id":"VCID-22jn-mcwn-j3ax","summary":"The exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2812.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2812.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2812","reference_id":"","reference_type":"","scores":[{"value":"0.00928","scoring_system":"epss","scoring_elements":"0.76455","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00928","scoring_system":"epss","scoring_elements":"0.76484","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00928","scoring_system":"epss","scoring_elements":"0.7649","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00928","scoring_system":"epss","scoring_elements":"0.7648","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2812"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454","reference_id":"681454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=839203","reference_id":"839203","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=839203"},{"reference_url":"https://security.gentoo.org/glsa/201401-10","reference_id":"GLSA-201401-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1255","reference_id":"RHSA-2012:1255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1255"},{"reference_url":"https://usn.ubuntu.com/1513-1/","reference_id":"USN-1513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1513-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/347707?format=json","purl":"pkg:apk/alpine/libexif@0.6.21-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libexif@0.6.21-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2012-2812"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-22jn-mcwn-j3ax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75994?format=json","vulnerability_id":"VCID-44bu-3z7v-5ydx","summary":"The mnote_olympus_entry_get_value function in olympus/mnote-olympus-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (divide-by-zero error) via an image with crafted EXIF tags that are not properly handled during the formatting of EXIF maker note tags.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2837.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2837.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2837","reference_id":"","reference_type":"","scores":[{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79712","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79738","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79743","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79739","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2837"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454","reference_id":"681454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=839185","reference_id":"839185","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=839185"},{"reference_url":"https://security.gentoo.org/glsa/201401-10","reference_id":"GLSA-201401-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1255","reference_id":"RHSA-2012:1255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1255"},{"reference_url":"https://usn.ubuntu.com/1513-1/","reference_id":"USN-1513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1513-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/347707?format=json","purl":"pkg:apk/alpine/libexif@0.6.21-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libexif@0.6.21-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2012-2837"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44bu-3z7v-5ydx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66831?format=json","vulnerability_id":"VCID-46sb-z45u-aqhp","summary":"Integer overflow in the jpeg_data_load_data function in jpeg-data.c in libjpeg in exif 0.6.20 allows remote attackers to cause a denial of service (buffer over-read and application crash) or obtain potentially sensitive information via a crafted JPEG file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2845.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2845.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2845","reference_id":"","reference_type":"","scores":[{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70544","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70586","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70596","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70578","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2845"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2845","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2845"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681465","reference_id":"681465","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681465"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=840002","reference_id":"840002","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=840002"},{"reference_url":"https://security.gentoo.org/glsa/201401-10","reference_id":"GLSA-201401-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/347707?format=json","purl":"pkg:apk/alpine/libexif@0.6.21-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libexif@0.6.21-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2012-2845"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-46sb-z45u-aqhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75991?format=json","vulnerability_id":"VCID-ceaj-6s1m-3yak","summary":"The exif_data_load_data function in exif-data.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2836.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2836","reference_id":"","reference_type":"","scores":[{"value":"0.02522","scoring_system":"epss","scoring_elements":"0.85693","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02522","scoring_system":"epss","scoring_elements":"0.85715","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02522","scoring_system":"epss","scoring_elements":"0.85718","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02522","scoring_system":"epss","scoring_elements":"0.85714","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2836"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454","reference_id":"681454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=839184","reference_id":"839184","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=839184"},{"reference_url":"https://security.gentoo.org/glsa/201401-10","reference_id":"GLSA-201401-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1255","reference_id":"RHSA-2012:1255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1255"},{"reference_url":"https://usn.ubuntu.com/1513-1/","reference_id":"USN-1513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1513-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/347707?format=json","purl":"pkg:apk/alpine/libexif@0.6.21-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libexif@0.6.21-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2012-2836"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ceaj-6s1m-3yak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75990?format=json","vulnerability_id":"VCID-fwj4-n4af-wued","summary":"Buffer overflow in the exif_entry_format_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 allows remote attackers to cause a denial of service or possibly execute arbitrary code via crafted EXIF tags in an image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2814.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2814.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2814","reference_id":"","reference_type":"","scores":[{"value":"0.03788","scoring_system":"epss","scoring_elements":"0.88278","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03788","scoring_system":"epss","scoring_elements":"0.88297","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03788","scoring_system":"epss","scoring_elements":"0.88299","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2814"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2814"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454","reference_id":"681454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=839183","reference_id":"839183","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=839183"},{"reference_url":"https://security.gentoo.org/glsa/201401-10","reference_id":"GLSA-201401-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1255","reference_id":"RHSA-2012:1255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1255"},{"reference_url":"https://usn.ubuntu.com/1513-1/","reference_id":"USN-1513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1513-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/347707?format=json","purl":"pkg:apk/alpine/libexif@0.6.21-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libexif@0.6.21-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2012-2814"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwj4-n4af-wued"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75999?format=json","vulnerability_id":"VCID-g856-qmgw-fbca","summary":"Integer underflow in the exif_entry_get_value function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) 0.6.20 might allow remote attackers to execute arbitrary code via vectors involving a crafted buffer-size parameter during the formatting of an EXIF tag, leading to a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2841.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2841","reference_id":"","reference_type":"","scores":[{"value":"0.04256","scoring_system":"epss","scoring_elements":"0.88998","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04256","scoring_system":"epss","scoring_elements":"0.89015","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04256","scoring_system":"epss","scoring_elements":"0.89016","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2841"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454","reference_id":"681454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=839189","reference_id":"839189","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=839189"},{"reference_url":"https://security.gentoo.org/glsa/201401-10","reference_id":"GLSA-201401-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1255","reference_id":"RHSA-2012:1255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1255"},{"reference_url":"https://usn.ubuntu.com/1513-1/","reference_id":"USN-1513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1513-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/347707?format=json","purl":"pkg:apk/alpine/libexif@0.6.21-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libexif@0.6.21-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2012-2841"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g856-qmgw-fbca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75989?format=json","vulnerability_id":"VCID-v2pe-r74z-fucm","summary":"The exif_convert_utf16_to_utf8 function in exif-entry.c in the EXIF Tag Parsing Library (aka libexif) before 0.6.21 allows remote attackers to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from process memory via crafted EXIF tags in an image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2813.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2813.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2813","reference_id":"","reference_type":"","scores":[{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76518","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76548","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76553","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00933","scoring_system":"epss","scoring_elements":"0.76542","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2813"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454","reference_id":"681454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681454"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=839182","reference_id":"839182","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=839182"},{"reference_url":"https://security.gentoo.org/glsa/201401-10","reference_id":"GLSA-201401-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1255","reference_id":"RHSA-2012:1255","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1255"},{"reference_url":"https://usn.ubuntu.com/1513-1/","reference_id":"USN-1513-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1513-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/347707?format=json","purl":"pkg:apk/alpine/libexif@0.6.21-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libexif@0.6.21-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"}],"aliases":["CVE-2012-2813"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v2pe-r74z-fucm"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libexif@0.6.21-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"}