{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","type":"deb","namespace":"debian","name":"exempi","version":"2.6.6-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5779?format=json","vulnerability_id":"VCID-379n-z9dy-qbfd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7729.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7729.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7729","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57394","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7729"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555160","reference_id":"1555160","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555160"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892782","reference_id":"892782","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892782"},{"reference_url":"https://usn.ubuntu.com/3668-1/","reference_id":"USN-3668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3668-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39352?format=json","purl":"pkg:deb/debian/exempi@2.4.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2018-7729"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-379n-z9dy-qbfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3299?format=json","vulnerability_id":"VCID-3q3e-wpx4-s7cf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18235.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18235.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18235","reference_id":"","reference_type":"","scores":[{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61744","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18235"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18235","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18235"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559595","reference_id":"1559595","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559595"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39348?format=json","purl":"pkg:deb/debian/exempi@2.4.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2017-18235"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3q3e-wpx4-s7cf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208629?format=json","vulnerability_id":"VCID-65ae-q3zy-7fgu","summary":"XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36056","reference_id":"","reference_type":"","scores":[{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56679","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36056"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36056","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36056"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36056"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-65ae-q3zy-7fgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3300?format=json","vulnerability_id":"VCID-6eq7-c2d2-17hm","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18236.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18236.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18236","reference_id":"","reference_type":"","scores":[{"value":"0.00873","scoring_system":"epss","scoring_elements":"0.75674","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18236"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18236","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18236"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559596","reference_id":"1559596","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2048","reference_id":"RHSA-2019:2048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2048"},{"reference_url":"https://usn.ubuntu.com/3668-1/","reference_id":"USN-3668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3668-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39344?format=json","purl":"pkg:deb/debian/exempi@2.4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2017-18236"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6eq7-c2d2-17hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8011?format=json","vulnerability_id":"VCID-9rpw-vmgz-qkaj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18652.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18652.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18652","reference_id":"","reference_type":"","scores":[{"value":"0.02158","scoring_system":"epss","scoring_elements":"0.84646","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18652"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/libopenraw/exempi/issues/12","reference_id":"12","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:39:08Z/"}],"url":"https://gitlab.freedesktop.org/libopenraw/exempi/issues/12"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235673","reference_id":"2235673","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235673"},{"reference_url":"https://gitlab.freedesktop.org/libopenraw/exempi/commit/acee2894ceb91616543927c2a6e45050c60f98f7","reference_id":"acee2894ceb91616543927c2a6e45050c60f98f7","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:39:08Z/"}],"url":"https://gitlab.freedesktop.org/libopenraw/exempi/commit/acee2894ceb91616543927c2a6e45050c60f98f7"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html","reference_id":"msg00032.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:39:08Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3066","reference_id":"RHSA-2024:3066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3066"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39357?format=json","purl":"pkg:deb/debian/exempi@2.5.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2020-18652"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9rpw-vmgz-qkaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3302?format=json","vulnerability_id":"VCID-a6gy-hktt-7yav","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18238.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18238.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18238","reference_id":"","reference_type":"","scores":[{"value":"0.00519","scoring_system":"epss","scoring_elements":"0.67208","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18238"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1558715","reference_id":"1558715","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1558715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2048","reference_id":"RHSA-2019:2048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2048"},{"reference_url":"https://usn.ubuntu.com/3668-1/","reference_id":"USN-3668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3668-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39344?format=json","purl":"pkg:deb/debian/exempi@2.4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2017-18238"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a6gy-hktt-7yav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208621?format=json","vulnerability_id":"VCID-ahnr-q5kd-77hd","summary":"XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36047","reference_id":"","reference_type":"","scores":[{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.68237","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36047"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36047","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36047"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36047"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ahnr-q5kd-77hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208778?format=json","vulnerability_id":"VCID-b96d-v7f8-j7ey","summary":"XMP Toolkit SDK versions 2021.07 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40716","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48897","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40716"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40716","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40716"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-40716"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b96d-v7f8-j7ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208626?format=json","vulnerability_id":"VCID-bs4c-gyzs-j7c7","summary":"XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36053","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53337","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36053"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36053"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bs4c-gyzs-j7c7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208841?format=json","vulnerability_id":"VCID-c7kn-et1p-k7ar","summary":"XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42530","reference_id":"","reference_type":"","scores":[{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.6346","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42530"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-42530"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c7kn-et1p-k7ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208631?format=json","vulnerability_id":"VCID-c8uk-fnks-yqfv","summary":"XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Integer Overflow vulnerability potentially resulting in application-level denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36058","reference_id":"","reference_type":"","scores":[{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.54331","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36058"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36058","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36058"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36058"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c8uk-fnks-yqfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208735?format=json","vulnerability_id":"VCID-e5wp-fdne-gqbs","summary":"XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39847","reference_id":"","reference_type":"","scores":[{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54937","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-39847"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39847","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39847"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-39847"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e5wp-fdne-gqbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208627?format=json","vulnerability_id":"VCID-f4t6-fh1b-byd2","summary":"XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in local application denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36054","reference_id":"","reference_type":"","scores":[{"value":"0.00134","scoring_system":"epss","scoring_elements":"0.3253","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36054"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36054"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f4t6-fh1b-byd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3297?format=json","vulnerability_id":"VCID-heqm-ammv-j3an","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18233.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18233.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18233","reference_id":"","reference_type":"","scores":[{"value":"0.00548","scoring_system":"epss","scoring_elements":"0.68358","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18233"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18233","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18233"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559575","reference_id":"1559575","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559575"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2048","reference_id":"RHSA-2019:2048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2048"},{"reference_url":"https://usn.ubuntu.com/3668-1/","reference_id":"USN-3668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3668-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39344?format=json","purl":"pkg:deb/debian/exempi@2.4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2017-18233"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-heqm-ammv-j3an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4667?format=json","vulnerability_id":"VCID-hpyf-t5k6-mugf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12648.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12648.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12648","reference_id":"","reference_type":"","scores":[{"value":"0.00459","scoring_system":"epss","scoring_elements":"0.64464","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12648"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12648","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12648"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1594642","reference_id":"1594642","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1594642"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902175","reference_id":"902175","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902175"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39351?format=json","purl":"pkg:deb/debian/exempi@2.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2018-12648"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hpyf-t5k6-mugf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208840?format=json","vulnerability_id":"VCID-j99v-m98r-ffh3","summary":"XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42529","reference_id":"","reference_type":"","scores":[{"value":"0.00436","scoring_system":"epss","scoring_elements":"0.6346","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42529"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-42529"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j99v-m98r-ffh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208630?format=json","vulnerability_id":"VCID-k5gv-5syq-q3gu","summary":"XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local application denial of service in the context of the current user.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36057","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13942","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36057"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36057","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36057"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36057"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k5gv-5syq-q3gu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208632?format=json","vulnerability_id":"VCID-ket9-4jen-5kbf","summary":"XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36064","reference_id":"","reference_type":"","scores":[{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.72841","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36064"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36064"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ket9-4jen-5kbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208624?format=json","vulnerability_id":"VCID-m8a7-6vw9-muex","summary":"XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a specially-crafted .cpp file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36051","reference_id":"","reference_type":"","scores":[{"value":"0.02416","scoring_system":"epss","scoring_elements":"0.85442","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36051"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36051"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m8a7-6vw9-muex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5780?format=json","vulnerability_id":"VCID-ma9r-81h8-uuge","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7730.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7730.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7730","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28849","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7730"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555163","reference_id":"1555163","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555163"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892782","reference_id":"892782","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2048","reference_id":"RHSA-2019:2048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2048"},{"reference_url":"https://usn.ubuntu.com/3668-1/","reference_id":"USN-3668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3668-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39352?format=json","purl":"pkg:deb/debian/exempi@2.4.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2018-7730"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ma9r-81h8-uuge"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5778?format=json","vulnerability_id":"VCID-mp98-cwfj-67ac","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7728.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7728.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7728","reference_id":"","reference_type":"","scores":[{"value":"0.00452","scoring_system":"epss","scoring_elements":"0.64188","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7728"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7728","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7728"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555155","reference_id":"1555155","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555155"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892782","reference_id":"892782","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892782"},{"reference_url":"https://usn.ubuntu.com/3668-1/","reference_id":"USN-3668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3668-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39352?format=json","purl":"pkg:deb/debian/exempi@2.4.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2018-7728"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mp98-cwfj-67ac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208779?format=json","vulnerability_id":"VCID-p5p3-afvh-fbc6","summary":"XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer dereference vulnerability that could result in leaking data from certain memory locations and causing a local denial of service in the context of the current user. User interaction is required to exploit this vulnerability in that the victim will need to open a specially crafted MXF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40732","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35303","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40732"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-40732"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p5p3-afvh-fbc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208620?format=json","vulnerability_id":"VCID-pg51-3yfw-yubz","summary":"XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36046","reference_id":"","reference_type":"","scores":[{"value":"0.00352","scoring_system":"epss","scoring_elements":"0.57986","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36046"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36046","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36046"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36046"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pg51-3yfw-yubz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3301?format=json","vulnerability_id":"VCID-pu4g-jdsr-qbfs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18237.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18237.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18237","reference_id":"","reference_type":"","scores":[{"value":"0.00402","scoring_system":"epss","scoring_elements":"0.61266","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18237"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559599","reference_id":"1559599","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559599"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39348?format=json","purl":"pkg:deb/debian/exempi@2.4.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2017-18237"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pu4g-jdsr-qbfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8010?format=json","vulnerability_id":"VCID-pyu8-qjsr-tfax","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18651.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18651.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18651","reference_id":"","reference_type":"","scores":[{"value":"0.02228","scoring_system":"epss","scoring_elements":"0.84885","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18651"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18651","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18651"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/libopenraw/exempi/issues/13","reference_id":"13","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:44:59Z/"}],"url":"https://gitlab.freedesktop.org/libopenraw/exempi/issues/13"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235669","reference_id":"2235669","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235669"},{"reference_url":"https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f","reference_id":"fdd4765a699f9700850098b43b9798b933acb32f","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:44:59Z/"}],"url":"https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html","reference_id":"msg00032.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:44:59Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/09/msg00032.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3066","reference_id":"RHSA-2024:3066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3066"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39357?format=json","purl":"pkg:deb/debian/exempi@2.5.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2020-18651"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pyu8-qjsr-tfax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208622?format=json","vulnerability_id":"VCID-rcpk-dfe2-eycz","summary":"XMP Toolkit SDK version 2020.1 (and earlier) is affected by an Improper Input Validation vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36048","reference_id":"","reference_type":"","scores":[{"value":"0.00545","scoring_system":"epss","scoring_elements":"0.68237","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36048"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36048"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rcpk-dfe2-eycz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3298?format=json","vulnerability_id":"VCID-s8s3-k3m4-bydj","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18234.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18234.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18234","reference_id":"","reference_type":"","scores":[{"value":"0.00624","scoring_system":"epss","scoring_elements":"0.70646","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-18234"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18234","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18234"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559590","reference_id":"1559590","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1559590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2048","reference_id":"RHSA-2019:2048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2048"},{"reference_url":"https://usn.ubuntu.com/3668-1/","reference_id":"USN-3668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3668-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39348?format=json","purl":"pkg:deb/debian/exempi@2.4.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2017-18234"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s8s3-k3m4-bydj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208625?format=json","vulnerability_id":"VCID-sfsp-gdwm-4yea","summary":"XMP Toolkit version 2020.1 (and earlier) is affected by a memory corruption vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36052","reference_id":"","reference_type":"","scores":[{"value":"0.02926","scoring_system":"epss","scoring_elements":"0.86716","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36052"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36052"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sfsp-gdwm-4yea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208623?format=json","vulnerability_id":"VCID-trwv-8vcw-tfeb","summary":"XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36050","reference_id":"","reference_type":"","scores":[{"value":"0.00785","scoring_system":"epss","scoring_elements":"0.74205","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36050"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36050","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36050"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36050"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-trwv-8vcw-tfeb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208628?format=json","vulnerability_id":"VCID-uvqs-u4ws-3khf","summary":"XMP Toolkit SDK versions 2020.1 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36055","reference_id":"","reference_type":"","scores":[{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.7141","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36055"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36055"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36055"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uvqs-u4ws-3khf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208839?format=json","vulnerability_id":"VCID-vtwk-z5km-byep","summary":"XMP Toolkit 2021.07 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42528","reference_id":"","reference_type":"","scores":[{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30471","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42528"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-42528"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtwk-z5km-byep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208843?format=json","vulnerability_id":"VCID-x4bk-7gjg-2ydq","summary":"XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42532","reference_id":"","reference_type":"","scores":[{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66706","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42532"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42532","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42532"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-42532"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x4bk-7gjg-2ydq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208842?format=json","vulnerability_id":"VCID-zvyc-5ad5-sydu","summary":"XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42531","reference_id":"","reference_type":"","scores":[{"value":"0.0099","scoring_system":"epss","scoring_elements":"0.77305","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-42531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42531"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-42531"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zvyc-5ad5-sydu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208619?format=json","vulnerability_id":"VCID-zxu8-1grt-53hx","summary":"XMP Toolkit SDK versions 2020.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of arbitrary memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36045","reference_id":"","reference_type":"","scores":[{"value":"0.00296","scoring_system":"epss","scoring_elements":"0.53337","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-36045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36045"},{"reference_url":"https://usn.ubuntu.com/5483-1/","reference_id":"USN-5483-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5483-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39363?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39361?format=json","purl":"pkg:deb/debian/exempi@2.6.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2021-36045"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zxu8-1grt-53hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5781?format=json","vulnerability_id":"VCID-zyed-x1gz-2bep","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7731.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-7731.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7731","reference_id":"","reference_type":"","scores":[{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58998","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7731"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7731","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7731"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555164","reference_id":"1555164","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1555164"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892782","reference_id":"892782","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=892782"},{"reference_url":"https://usn.ubuntu.com/3668-1/","reference_id":"USN-3668-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3668-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39352?format=json","purl":"pkg:deb/debian/exempi@2.4.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.4.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39345?format=json","purl":"pkg:deb/debian/exempi@2.5.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.5.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39343?format=json","purl":"pkg:deb/debian/exempi@2.6.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39347?format=json","purl":"pkg:deb/debian/exempi@2.6.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}],"aliases":["CVE-2018-7731"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zyed-x1gz-2bep"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exempi@2.6.6-2%3Fdistro=trixie"}