{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","type":"apk","namespace":"alpine","name":"ffmpeg","version":"4.0.2-r0","qualifiers":{"arch":"x86","distroversion":"v3.13","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.1-r0","latest_non_vulnerable_version":"4.3.3-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93660?format=json","vulnerability_id":"VCID-2y9j-sdhe-t3fv","summary":"FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999014","reference_id":"","reference_type":"","scores":[{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63256","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63222","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63242","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.6311","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.6317","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.632","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63165","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63217","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63235","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63251","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63199","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0044","scoring_system":"epss","scoring_elements":"0.63243","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999014"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75"},{"reference_url":"http://www.securityfocus.com/bid/104896","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104896"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999014","reference_id":"CVE-2018-1999014","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999014"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}],"aliases":["CVE-2018-1999014"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2y9j-sdhe-t3fv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93661?format=json","vulnerability_id":"VCID-44fr-brhn-3ba5","summary":"FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999015","reference_id":"","reference_type":"","scores":[{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59348","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59351","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59329","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59221","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59295","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59318","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59283","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59333","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59346","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59365","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59349","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59331","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.59364","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00378","scoring_system":"epss","scoring_elements":"0.5937","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999015"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/5aba5b89d0b1d73164d3b81764828bb8b20ff32a"},{"reference_url":"http://www.securityfocus.com/bid/104896","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104896"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999015","reference_id":"CVE-2018-1999015","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999015"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}],"aliases":["CVE-2018-1999015"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44fr-brhn-3ba5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93533?format=json","vulnerability_id":"VCID-64rv-4d7p-f7ae","summary":"In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to error_resilience.c, h263dec.c, and mpeg4videodec.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13304","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62789","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62773","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62621","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62679","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62712","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62676","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62728","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62744","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62762","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62752","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62769","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62777","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.62758","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13304"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/bd27a9364ca274ca97f1df6d984e88a0700fb235","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/bd27a9364ca274ca97f1df6d984e88a0700fb235"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:4.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:4.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:4.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13304","reference_id":"CVE-2018-13304","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13304"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}],"aliases":["CVE-2018-13304"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-64rv-4d7p-f7ae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93531?format=json","vulnerability_id":"VCID-77c1-h4ns-zkdg","summary":"In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13301","reference_id":"","reference_type":"","scores":[{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62867","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62888","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62735","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62792","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62822","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62786","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62837","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62854","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62872","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62861","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62839","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.6288","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62887","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13301"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/2aa9047486dbff12d9e040f917e5f799ed2fd78b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/2aa9047486dbff12d9e040f917e5f799ed2fd78b"},{"reference_url":"http://www.securityfocus.com/bid/104675","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104675"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:4.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:4.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:4.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13301","reference_id":"CVE-2018-13301","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13301"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}],"aliases":["CVE-2018-13301"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-77c1-h4ns-zkdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73061?format=json","vulnerability_id":"VCID-dy2j-at4k-7qdn","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999013","reference_id":"","reference_type":"","scores":[{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57069","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57068","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57087","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57019","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57113","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57135","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57111","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57162","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57164","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57176","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57155","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57158","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57137","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/a7e032a277452366771951e29fd0bf2bd5c029f0","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/a7e032a277452366771951e29fd0bf2bd5c029f0"},{"reference_url":"http://www.securityfocus.com/bid/104896","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104896"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999013","reference_id":"CVE-2018-1999013","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999013"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}],"aliases":["CVE-2018-1999013"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dy2j-at4k-7qdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74031?format=json","vulnerability_id":"VCID-hng1-rpw3-sqby","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999011","reference_id":"","reference_type":"","scores":[{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86926","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86917","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86923","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86823","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86852","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86845","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86865","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86874","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86887","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86882","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86877","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86895","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.86899","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03138","scoring_system":"epss","scoring_elements":"0.869","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11338","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11338"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9718"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/2b46ebdbff1d8dec7a3d8ea280a612b91a582869","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/2b46ebdbff1d8dec7a3d8ea280a612b91a582869"},{"reference_url":"https://seclists.org/bugtraq/2019/May/60","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/May/60"},{"reference_url":"https://www.debian.org/security/2019/dsa-4449","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4449"},{"reference_url":"http://www.securityfocus.com/bid/104896","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104896"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999011","reference_id":"CVE-2018-1999011","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999011"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}],"aliases":["CVE-2018-1999011"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hng1-rpw3-sqby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73062?format=json","vulnerability_id":"VCID-qwnc-76hk-33fa","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999012","reference_id":"","reference_type":"","scores":[{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66527","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.6651","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66526","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66376","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66415","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66441","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66411","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.6646","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66473","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66493","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66481","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.6645","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66485","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66502","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00512","scoring_system":"epss","scoring_elements":"0.66486","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/9807d3976be0e92e4ece3b4b1701be894cd7c2e1","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/9807d3976be0e92e4ece3b4b1701be894cd7c2e1"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00041.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00041.html"},{"reference_url":"http://www.securityfocus.com/bid/104896","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104896"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999012","reference_id":"CVE-2018-1999012","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:C"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999012"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}],"aliases":["CVE-2018-1999012"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwnc-76hk-33fa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93532?format=json","vulnerability_id":"VCID-scwk-yz1c-f3hg","summary":"In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13303","reference_id":"","reference_type":"","scores":[{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62888","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62735","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62792","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62822","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62786","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62837","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62854","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62872","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62861","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62839","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.6288","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62887","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.62867","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13303"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/00e8181bd97c834fe60751b0c511d4bb97875f78","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/00e8181bd97c834fe60751b0c511d4bb97875f78"},{"reference_url":"http://www.securityfocus.com/bid/104675","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104675"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:4.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:4.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:4.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13303","reference_id":"CVE-2018-13303","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13303"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}],"aliases":["CVE-2018-13303"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scwk-yz1c-f3hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73063?format=json","vulnerability_id":"VCID-xnz9-udka-nufz","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999010","reference_id":"","reference_type":"","scores":[{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64688","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.6468","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64692","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64547","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.646","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64629","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64586","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64635","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64651","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64668","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64656","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64627","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64663","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64675","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64661","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1999010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e8","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/cced03dd667a5df6df8fd40d8de0bff477ee02e8"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00006.html"},{"reference_url":"http://www.securityfocus.com/bid/104896","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104896"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999010","reference_id":"CVE-2018-1999010","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1999010"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/424591?format=json","purl":"pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=x86&distroversion=v3.13&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}],"aliases":["CVE-2018-1999010"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xnz9-udka-nufz"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=x86&distroversion=v3.13&reponame=community"}