VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/372651?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
    "type": "alpm",
    "namespace": "archlinux",
    "name": "lib32-libtiff",
    "version": "4.0.10-1",
    "qualifiers": {},
    "subpath": "",
    "is_vulnerable": false,
    "next_non_vulnerable_version": "4.3.0-2",
    "latest_non_vulnerable_version": "4.3.0-2",
    "affected_by_vulnerabilities": [],
    "fixing_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63808?format=api",
            "vulnerability_id": "VCID-1rsr-q1uf-ekav",
            "summary": "security update",
            "references": [
                {
                    "reference_url": "http://bugzilla.maptools.org/show_bug.cgi?id=2770",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2770"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18013.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18013.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18013",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50322",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50482",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50467",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.5051",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50515",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50492",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50438",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50447",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50399",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50416",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.5047",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50463",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.0027",
                            "scoring_system": "epss",
                            "scoring_elements": "0.50505",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00392",
                            "scoring_system": "epss",
                            "scoring_elements": "0.60153",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00392",
                            "scoring_system": "epss",
                            "scoring_elements": "0.60075",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00392",
                            "scoring_system": "epss",
                            "scoring_elements": "0.60178",
                            "published_at": "2026-04-04T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18013"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11335"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12944",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12944"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13726",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13726"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13727",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13727"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://gitlab.com/libtiff/libtiff/commit/c6f41df7b581402dfba3c19a1e3df4454c551a01"
                },
                {
                    "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00033.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00033.html"
                },
                {
                    "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00034.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00034.html"
                },
                {
                    "reference_url": "https://www.debian.org/security/2018/dsa-4100",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.debian.org/security/2018/dsa-4100"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/102345",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/102345"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530440",
                    "reference_id": "1530440",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1530440"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885985",
                    "reference_id": "885985",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885985"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-813",
                    "reference_id": "AVG-813",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-813"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.9:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:4.0.9:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.9:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18013",
                    "reference_id": "CVE-2017-18013",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18013"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3602-1/",
                    "reference_id": "USN-3602-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3602-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3606-1/",
                    "reference_id": "USN-3606-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3606-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2017-18013"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1rsr-q1uf-ekav"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83489?format=api",
            "vulnerability_id": "VCID-43cd-stdq-pbc9",
            "summary": "libtiff: heap-based buffer over-read in TIFFWriteScanline function in tif_write.c",
            "references": [
                {
                    "reference_url": "http://bugzilla.maptools.org/show_bug.cgi?id=2788",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2788"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10779.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10779.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10779",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66276",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66424",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6635",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66385",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66401",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66386",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66409",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66314",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66342",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66312",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6636",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66373",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.66394",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00509",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6638",
                            "published_at": "2026-04-12T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10779"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10779",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10779"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/104089",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/104089"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577311",
                    "reference_id": "1577311",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1577311"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898359",
                    "reference_id": "898359",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898359"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-816",
                    "reference_id": "AVG-816",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Medium",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-816"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.8.2:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10779",
                    "reference_id": "CVE-2018-10779",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10779"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2053",
                    "reference_id": "RHSA-2019:2053",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2053"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3906-1/",
                    "reference_id": "USN-3906-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3906-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3906-2/",
                    "reference_id": "USN-3906-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3906-2/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2018-10779"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43cd-stdq-pbc9"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/39037?format=api",
            "vulnerability_id": "VCID-4n8m-6c1e-f7ba",
            "summary": "A vulnerability in libTIFF could lead to a Denial of Service\n    condition.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18557.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18557.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18557",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96141",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96112",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96115",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96124",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96128",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.9613",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96132",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96133",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96134",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.24463",
                            "scoring_system": "epss",
                            "scoring_elements": "0.9611",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.30054",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96652",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.30054",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96644",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.32235",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96816",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.32235",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96807",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.32235",
                            "scoring_system": "epss",
                            "scoring_elements": "0.96814",
                            "published_at": "2026-04-02T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18557"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.4",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644229",
                    "reference_id": "1644229",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644229"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911635",
                    "reference_id": "911635",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911635"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-17",
                    "reference_id": "ASA-201811-17",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-17"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-790",
                    "reference_id": "AVG-790",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-790"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1697",
                    "reference_id": "CVE-2018-18557",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1697"
                },
                {
                    "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45694.c",
                    "reference_id": "CVE-2018-18557",
                    "reference_type": "exploit",
                    "scores": [],
                    "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45694.c"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201904-15",
                    "reference_id": "GLSA-201904-15",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201904-15"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2053",
                    "reference_id": "RHSA-2019:2053",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2053"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3864-1/",
                    "reference_id": "USN-3864-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3864-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3906-2/",
                    "reference_id": "USN-3906-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3906-2/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2018-18557"
            ],
            "risk_score": 10.0,
            "exploitability": "2.0",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4n8m-6c1e-f7ba"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63803?format=api",
            "vulnerability_id": "VCID-d3ym-a4bv-ybaz",
            "summary": "security update",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9935.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9935.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9935",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65382",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65345",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65381",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65392",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65376",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65394",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65406",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65403",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65304",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65356",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65367",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65386",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00485",
                            "scoring_system": "epss",
                            "scoring_elements": "0.65373",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00553",
                            "scoring_system": "epss",
                            "scoring_elements": "0.68014",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00553",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67992",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00553",
                            "scoring_system": "epss",
                            "scoring_elements": "0.68033",
                            "published_at": "2026-04-04T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9935"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11335"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12944",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12944"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13726",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13726"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13727",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13727"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18013"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9935"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.8",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P"
                        },
                        {
                            "value": "7.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1469725",
                    "reference_id": "1469725",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1469725"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866109",
                    "reference_id": "866109",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866109"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-17",
                    "reference_id": "ASA-201811-17",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-17"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-790",
                    "reference_id": "AVG-790",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-790"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3606-1/",
                    "reference_id": "USN-3606-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3606-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2017-9935"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d3ym-a4bv-ybaz"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83035?format=api",
            "vulnerability_id": "VCID-p3k1-dpdf-e3f3",
            "summary": "libtiff: tiff2bw tool failed memory allocation leads to crash",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18661.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18661.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18661",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00165",
                            "scoring_system": "epss",
                            "scoring_elements": "0.37024",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00165",
                            "scoring_system": "epss",
                            "scoring_elements": "0.37512",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00165",
                            "scoring_system": "epss",
                            "scoring_elements": "0.37558",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00165",
                            "scoring_system": "epss",
                            "scoring_elements": "0.3754",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00165",
                            "scoring_system": "epss",
                            "scoring_elements": "0.37476",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00165",
                            "scoring_system": "epss",
                            "scoring_elements": "0.37255",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00165",
                            "scoring_system": "epss",
                            "scoring_elements": "0.37234",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00165",
                            "scoring_system": "epss",
                            "scoring_elements": "0.37142",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00185",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40238",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00185",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40249",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00185",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40211",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00185",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40078",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00185",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40251",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00185",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40174",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00185",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40226",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00185",
                            "scoring_system": "epss",
                            "scoring_elements": "0.40227",
                            "published_at": "2026-04-02T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18661"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18661",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18661"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644448",
                    "reference_id": "1644448",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1644448"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912012",
                    "reference_id": "912012",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912012"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-17",
                    "reference_id": "ASA-201811-17",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-17"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-790",
                    "reference_id": "AVG-790",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-790"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2053",
                    "reference_id": "RHSA-2019:2053",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2053"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3864-1/",
                    "reference_id": "USN-3864-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3864-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2018-18661"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p3k1-dpdf-e3f3"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63842?format=api",
            "vulnerability_id": "VCID-qez8-xv6h-e3hx",
            "summary": "security update",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11613.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11613.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11613",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67829",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67956",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67967",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67976",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67981",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67853",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67872",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67903",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67917",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.6794",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67927",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67891",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67929",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67941",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00548",
                            "scoring_system": "epss",
                            "scoring_elements": "0.67922",
                            "published_at": "2026-04-21T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-11613"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475530",
                    "reference_id": "1475530",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1475530"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869823",
                    "reference_id": "869823",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869823"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-17",
                    "reference_id": "ASA-201811-17",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-17"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-790",
                    "reference_id": "AVG-790",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-790"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3606-1/",
                    "reference_id": "USN-3606-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3606-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2017-11613"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qez8-xv6h-e3hx"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63843?format=api",
            "vulnerability_id": "VCID-r4k1-psbb-53gd",
            "summary": "security update",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5784.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5784.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00368",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58717",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00368",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58768",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00368",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58801",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00368",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58805",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00368",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58783",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00368",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58751",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00368",
                            "scoring_system": "epss",
                            "scoring_elements": "0.58765",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00387",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59848",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00387",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59862",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00387",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59883",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00387",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59867",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00387",
                            "scoring_system": "epss",
                            "scoring_elements": "0.5973",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00387",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59803",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00387",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59827",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00387",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59798",
                            "published_at": "2026-04-07T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5784"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537740",
                    "reference_id": "1537740",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1537740"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890441",
                    "reference_id": "890441",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890441"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-813",
                    "reference_id": "AVG-813",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-813"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3602-1/",
                    "reference_id": "USN-3602-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3602-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3606-1/",
                    "reference_id": "USN-3606-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3606-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2018-5784"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r4k1-psbb-53gd"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63846?format=api",
            "vulnerability_id": "VCID-rn1a-sww4-bffd",
            "summary": "security update",
            "references": [
                {
                    "reference_url": "http://bugzilla.maptools.org/show_bug.cgi?id=2795",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2795"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10963.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10963.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10963",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32669",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33044",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33085",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33062",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33024",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32876",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32858",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.32782",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.3303",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33074",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33104",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33106",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00134",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33068",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00385",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59684",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00385",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59586",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00385",
                            "scoring_system": "epss",
                            "scoring_elements": "0.59659",
                            "published_at": "2026-04-02T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10963"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"
                },
                {
                    "reference_url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://lists.debian.org/debian-lts-announce/2018/07/msg00002.html"
                },
                {
                    "reference_url": "https://www.debian.org/security/2018/dsa-4349",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://www.debian.org/security/2018/dsa-4349"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1579058",
                    "reference_id": "1579058",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1579058"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898348",
                    "reference_id": "898348",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898348"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-813",
                    "reference_id": "AVG-813",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-813"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10963",
                    "reference_id": "CVE-2018-10963",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10963"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2053",
                    "reference_id": "RHSA-2019:2053",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2053"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3864-1/",
                    "reference_id": "USN-3864-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3864-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2018-10963"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rn1a-sww4-bffd"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63845?format=api",
            "vulnerability_id": "VCID-sefx-74dq-pqe1",
            "summary": "security update",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8905.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.0",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8905.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8905",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70684",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70657",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70666",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70645",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70697",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70707",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70706",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70557",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70602",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70618",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.7064",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70626",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00642",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70612",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00756",
                            "scoring_system": "epss",
                            "scoring_elements": "0.73218",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00756",
                            "scoring_system": "epss",
                            "scoring_elements": "0.73239",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00756",
                            "scoring_system": "epss",
                            "scoring_elements": "0.73208",
                            "published_at": "2026-04-01T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-8905"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559704",
                    "reference_id": "1559704",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1559704"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893806",
                    "reference_id": "893806",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893806"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-813",
                    "reference_id": "AVG-813",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-813"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2053",
                    "reference_id": "RHSA-2019:2053",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2053"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3864-1/",
                    "reference_id": "USN-3864-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3864-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2018-8905"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sefx-74dq-pqe1"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63844?format=api",
            "vulnerability_id": "VCID-wk1z-n789-n7cg",
            "summary": "security update",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7456.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7456.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7456",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71072",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70994",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.7104",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71047",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71082",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71091",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.7109",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70946",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70988",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71004",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71026",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00656",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71011",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00994",
                            "scoring_system": "epss",
                            "scoring_elements": "0.7687",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00994",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76901",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00994",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76863",
                            "published_at": "2026-04-01T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7456"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11613"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17095"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10963"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15209"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16335"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17101"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18557"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5784"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7456"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8905"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1556708",
                    "reference_id": "1556708",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1556708"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891288",
                    "reference_id": "891288",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891288"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201811-18",
                    "reference_id": "ASA-201811-18",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201811-18"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-791",
                    "reference_id": "AVG-791",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-791"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-813",
                    "reference_id": "AVG-813",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "High",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-813"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2051",
                    "reference_id": "RHSA-2019:2051",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2051"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2019:2053",
                    "reference_id": "RHSA-2019:2053",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2019:2053"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/3864-1/",
                    "reference_id": "USN-3864-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/3864-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/372651?format=api",
                    "purl": "pkg:alpm/archlinux/lib32-libtiff@4.0.10-1",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
                }
            ],
            "aliases": [
                "CVE-2018-7456"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wk1z-n789-n7cg"
        }
    ],
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/lib32-libtiff@4.0.10-1"
}

Package Instance