{"url":"http://public2.vulnerablecode.io/api/packages/43178?format=json","purl":"pkg:deb/debian/gimp@2.6.7-1.1?distro=trixie","type":"deb","namespace":"debian","name":"gimp","version":"2.6.7-1.1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.6.10-1","latest_non_vulnerable_version":"3.2.4-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183562?format=json","vulnerability_id":"VCID-5udg-z956-cqev","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3909.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3909.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3909","reference_id":"","reference_type":"","scores":[{"value":"0.06708","scoring_system":"epss","scoring_elements":"0.91459","published_at":"2026-06-11T12:55:00Z"},{"value":"0.06708","scoring_system":"epss","scoring_elements":"0.9149","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3909"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=537370","reference_id":"537370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=537370"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=556750","reference_id":"556750","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=556750"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1181","reference_id":"RHSA-2012:1181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1181"},{"reference_url":"https://usn.ubuntu.com/880-1/","reference_id":"USN-880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/43178?format=json","purl":"pkg:deb/debian/gimp@2.6.7-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.6.7-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43171?format=json","purl":"pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbe-9hp9-bfh4"},{"vulnerability":"VCID-d1rw-etzn-37bs"},{"vulnerability":"VCID-eyyg-rjw2-bkau"},{"vulnerability":"VCID-gefv-9vbu-f7ac"},{"vulnerability":"VCID-mqa4-pepu-53gz"},{"vulnerability":"VCID-wupj-s4k2-h7d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43169?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u10?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d1rw-etzn-37bs"},{"vulnerability":"VCID-eyyg-rjw2-bkau"},{"vulnerability":"VCID-gefv-9vbu-f7ac"},{"vulnerability":"VCID-mqa4-pepu-53gz"},{"vulnerability":"VCID-wupj-s4k2-h7d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43173?format=json","purl":"pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u8?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4her-sras-4uhg"},{"vulnerability":"VCID-d1rw-etzn-37bs"},{"vulnerability":"VCID-eyyg-rjw2-bkau"},{"vulnerability":"VCID-mqa4-pepu-53gz"},{"vulnerability":"VCID-wupj-s4k2-h7d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43172?format=json","purl":"pkg:deb/debian/gimp@3.2.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-2%3Fdistro=trixie"}],"aliases":["CVE-2009-3909"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5udg-z956-cqev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183561?format=json","vulnerability_id":"VCID-j2k7-nd7x-d3hw","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1570.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1570.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1570","reference_id":"","reference_type":"","scores":[{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.87059","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.87104","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1570"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=537356","reference_id":"537356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=537356"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555929","reference_id":"555929","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555929"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0837","reference_id":"RHSA-2011:0837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0838","reference_id":"RHSA-2011:0838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0838"},{"reference_url":"https://usn.ubuntu.com/880-1/","reference_id":"USN-880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/43178?format=json","purl":"pkg:deb/debian/gimp@2.6.7-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.6.7-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43171?format=json","purl":"pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8xbe-9hp9-bfh4"},{"vulnerability":"VCID-d1rw-etzn-37bs"},{"vulnerability":"VCID-eyyg-rjw2-bkau"},{"vulnerability":"VCID-gefv-9vbu-f7ac"},{"vulnerability":"VCID-mqa4-pepu-53gz"},{"vulnerability":"VCID-wupj-s4k2-h7d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43169?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u10?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d1rw-etzn-37bs"},{"vulnerability":"VCID-eyyg-rjw2-bkau"},{"vulnerability":"VCID-gefv-9vbu-f7ac"},{"vulnerability":"VCID-mqa4-pepu-53gz"},{"vulnerability":"VCID-wupj-s4k2-h7d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43173?format=json","purl":"pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u8?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4her-sras-4uhg"},{"vulnerability":"VCID-d1rw-etzn-37bs"},{"vulnerability":"VCID-eyyg-rjw2-bkau"},{"vulnerability":"VCID-mqa4-pepu-53gz"},{"vulnerability":"VCID-wupj-s4k2-h7d5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/43172?format=json","purl":"pkg:deb/debian/gimp@3.2.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.4-2%3Fdistro=trixie"}],"aliases":["CVE-2009-1570"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2k7-nd7x-d3hw"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.6.7-1.1%3Fdistro=trixie"}