{"url":"http://public2.vulnerablecode.io/api/packages/449102?format=json","purl":"pkg:apk/alpine/sane@1.0.30-r0?arch=x86_64&distroversion=v3.14&reponame=community","type":"apk","namespace":"alpine","name":"sane","version":"1.0.30-r0","qualifiers":{"arch":"x86_64","distroversion":"v3.14","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100751?format=json","vulnerability_id":"VCID-19f9-y7mq-6yck","summary":"An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-083.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12863.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12863.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12863","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28193","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28265","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28214","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28172","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2813","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28134","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12863"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12863","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12863"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850588","reference_id":"1850588","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850588"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302","reference_id":"961302","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302"},{"reference_url":"https://usn.ubuntu.com/4470-1/","reference_id":"USN-4470-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4470-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/449102?format=json","purl":"pkg:apk/alpine/sane@1.0.30-r0?arch=x86_64&distroversion=v3.14&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/sane@1.0.30-r0%3Farch=x86_64&distroversion=v3.14&reponame=community"}],"aliases":["CVE-2020-12863"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-19f9-y7mq-6yck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100750?format=json","vulnerability_id":"VCID-37g9-4adu-ckev","summary":"An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-082.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12862.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12862.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12862","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28193","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28265","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28214","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28172","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2813","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28134","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12862"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850579","reference_id":"1850579","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850579"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302","reference_id":"961302","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302"},{"reference_url":"https://usn.ubuntu.com/4470-1/","reference_id":"USN-4470-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4470-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/449102?format=json","purl":"pkg:apk/alpine/sane@1.0.30-r0?arch=x86_64&distroversion=v3.14&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/sane@1.0.30-r0%3Farch=x86_64&distroversion=v3.14&reponame=community"}],"aliases":["CVE-2020-12862"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-37g9-4adu-ckev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100753?format=json","vulnerability_id":"VCID-8b5q-wz8z-a3ak","summary":"An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the program, aka GHSL-2020-081.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12864.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12864.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12864","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27908","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27976","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27927","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.2789","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27846","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27853","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12864"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12864","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12864"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850564","reference_id":"1850564","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850564"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302","reference_id":"961302","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302"},{"reference_url":"https://usn.ubuntu.com/4470-1/","reference_id":"USN-4470-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4470-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/449102?format=json","purl":"pkg:apk/alpine/sane@1.0.30-r0?arch=x86_64&distroversion=v3.14&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/sane@1.0.30-r0%3Farch=x86_64&distroversion=v3.14&reponame=community"}],"aliases":["CVE-2020-12864"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8b5q-wz8z-a3ak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100755?format=json","vulnerability_id":"VCID-97ru-t9z7-t3hm","summary":"A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12866.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12866.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12866","reference_id":"","reference_type":"","scores":[{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.43989","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44059","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44067","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44042","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44006","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00215","scoring_system":"epss","scoring_elements":"0.44016","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12866"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12866","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12866"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850549","reference_id":"1850549","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850549"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302","reference_id":"961302","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302"},{"reference_url":"https://usn.ubuntu.com/4470-1/","reference_id":"USN-4470-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4470-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/449102?format=json","purl":"pkg:apk/alpine/sane@1.0.30-r0?arch=x86_64&distroversion=v3.14&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/sane@1.0.30-r0%3Farch=x86_64&distroversion=v3.14&reponame=community"}],"aliases":["CVE-2020-12866"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-97ru-t9z7-t3hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100749?format=json","vulnerability_id":"VCID-hhw1-hkq8-byfa","summary":"A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12861.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12861.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12861","reference_id":"","reference_type":"","scores":[{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.6946","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00584","scoring_system":"epss","scoring_elements":"0.6944","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00588","scoring_system":"epss","scoring_elements":"0.69545","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00588","scoring_system":"epss","scoring_elements":"0.69552","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00588","scoring_system":"epss","scoring_elements":"0.69543","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00588","scoring_system":"epss","scoring_elements":"0.69506","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12861"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850556","reference_id":"1850556","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850556"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302","reference_id":"961302","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2902","reference_id":"RHSA-2020:2902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2967","reference_id":"RHSA-2020:2967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3045","reference_id":"RHSA-2020:3045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3045"},{"reference_url":"https://usn.ubuntu.com/4470-1/","reference_id":"USN-4470-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4470-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/449102?format=json","purl":"pkg:apk/alpine/sane@1.0.30-r0?arch=x86_64&distroversion=v3.14&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/sane@1.0.30-r0%3Farch=x86_64&distroversion=v3.14&reponame=community"}],"aliases":["CVE-2020-12861"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hhw1-hkq8-byfa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100754?format=json","vulnerability_id":"VCID-mea2-7w1r-qyf5","summary":"A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12865.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12865.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12865","reference_id":"","reference_type":"","scores":[{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57359","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57411","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57421","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57409","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57397","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00346","scoring_system":"epss","scoring_elements":"0.57413","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12865"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850598","reference_id":"1850598","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1850598"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302","reference_id":"961302","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2902","reference_id":"RHSA-2020:2902","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2902"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2967","reference_id":"RHSA-2020:2967","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2967"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3045","reference_id":"RHSA-2020:3045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3045"},{"reference_url":"https://usn.ubuntu.com/4470-1/","reference_id":"USN-4470-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4470-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/449102?format=json","purl":"pkg:apk/alpine/sane@1.0.30-r0?arch=x86_64&distroversion=v3.14&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/sane@1.0.30-r0%3Farch=x86_64&distroversion=v3.14&reponame=community"}],"aliases":["CVE-2020-12865"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mea2-7w1r-qyf5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/100756?format=json","vulnerability_id":"VCID-wyay-j35z-6yaa","summary":"A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12867.json","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12867","reference_id":"","reference_type":"","scores":[{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.29987","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30058","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.30022","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.29992","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.29964","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00117","scoring_system":"epss","scoring_elements":"0.29977","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12867"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12867","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12867"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848097","reference_id":"1848097","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848097"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302","reference_id":"961302","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=961302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:1744","reference_id":"RHSA-2021:1744","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:1744"},{"reference_url":"https://usn.ubuntu.com/4470-1/","reference_id":"USN-4470-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4470-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/449102?format=json","purl":"pkg:apk/alpine/sane@1.0.30-r0?arch=x86_64&distroversion=v3.14&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/sane@1.0.30-r0%3Farch=x86_64&distroversion=v3.14&reponame=community"}],"aliases":["CVE-2020-12867"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wyay-j35z-6yaa"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/sane@1.0.30-r0%3Farch=x86_64&distroversion=v3.14&reponame=community"}