{"url":"http://public2.vulnerablecode.io/api/packages/475500?format=json","purl":"pkg:apk/alpine/graphicsmagick@1.3.26-r5?arch=x86&distroversion=v3.17&reponame=community","type":"apk","namespace":"alpine","name":"graphicsmagick","version":"1.3.26-r5","qualifiers":{"arch":"x86","distroversion":"v3.17","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.3.27-r0","latest_non_vulnerable_version":"1.3.35-r2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93118?format=json","vulnerability_id":"VCID-1hfa-9cbc-yfch","summary":"The ReadJNGImage and ReadOneJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 do not properly manage image pointers after certain error conditions, which allows remote attackers to conduct use-after-free attacks via a crafted file, related to a ReadMNGImage out-of-order CloseBlob call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-11403.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14103","reference_id":"","reference_type":"","scores":[{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83306","published_at":"2026-04-29T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83299","published_at":"2026-04-26T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83163","published_at":"2026-04-01T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.8318","published_at":"2026-04-02T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83193","published_at":"2026-04-04T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83216","published_at":"2026-04-08T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83223","published_at":"2026-04-09T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83239","published_at":"2026-04-11T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83234","published_at":"2026-04-12T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83229","published_at":"2026-04-13T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83265","published_at":"2026-04-16T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83267","published_at":"2026-04-18T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83268","published_at":"2026-04-21T12:55:00Z"},{"value":"0.019","scoring_system":"epss","scoring_elements":"0.83292","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14103"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14103","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14103"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/475500?format=json","purl":"pkg:apk/alpine/graphicsmagick@1.3.26-r5?arch=x86&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/graphicsmagick@1.3.26-r5%3Farch=x86&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-14103"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1hfa-9cbc-yfch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93110?format=json","vulnerability_id":"VCID-5ejx-vfmd-7fh8","summary":"In GraphicsMagick 1.3.26, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13648","reference_id":"","reference_type":"","scores":[{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62532","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62535","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62369","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62428","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62458","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62425","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62476","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62492","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62511","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.625","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62478","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.6252","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62526","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62509","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00429","scoring_system":"epss","scoring_elements":"0.62519","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13648"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13648","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13648"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/475500?format=json","purl":"pkg:apk/alpine/graphicsmagick@1.3.26-r5?arch=x86&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/graphicsmagick@1.3.26-r5%3Farch=x86&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-13648"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ejx-vfmd-7fh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93116?format=json","vulnerability_id":"VCID-7fjy-7tv8-wqca","summary":"A memory allocation failure was discovered in the ReadPNMImage function in coders/pnm.c in GraphicsMagick 1.3.26. The vulnerability causes a big memory allocation, which may lead to remote denial of service in the MagickRealloc function in magick/memory.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14042","reference_id":"","reference_type":"","scores":[{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62672","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62652","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.6264","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62617","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62659","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62666","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62647","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62675","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00431","scoring_system":"epss","scoring_elements":"0.62633","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72238","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72251","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72213","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72219","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72214","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14042"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873538","reference_id":"873538","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873538"},{"reference_url":"https://usn.ubuntu.com/4206-1/","reference_id":"USN-4206-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4206-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/475500?format=json","purl":"pkg:apk/alpine/graphicsmagick@1.3.26-r5?arch=x86&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/graphicsmagick@1.3.26-r5%3Farch=x86&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-14042"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7fjy-7tv8-wqca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/63654?format=json","vulnerability_id":"VCID-8v9a-4t7e-9qax","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13065","reference_id":"","reference_type":"","scores":[{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79721","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79699","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79706","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79585","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79592","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79614","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79601","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.7963","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79637","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79658","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79642","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79635","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79666","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01287","scoring_system":"epss","scoring_elements":"0.79669","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-13065"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10794","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10794"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10800","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10800"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11102","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11102"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11636","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11636"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11638","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11638"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11643","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11643"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11722","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11722"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13063","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13063"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13065","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13065"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13134","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13134"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13737","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13737"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13775","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13775"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13776","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13776"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-13777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14733","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14994"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14997","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14997"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15277","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16353","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16353"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16545","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16545"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16547","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16547"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16669","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17500","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17500"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17501","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17501"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17915","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17915"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18219","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18219"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18220","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18220"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18230","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18230"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9018"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873119","reference_id":"873119","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873119"},{"reference_url":"https://security.archlinux.org/ASA-201801-7","reference_id":"ASA-201801-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-7"},{"reference_url":"https://security.archlinux.org/AVG-355","reference_id":"AVG-355","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-355"},{"reference_url":"https://usn.ubuntu.com/4222-1/","reference_id":"USN-4222-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4222-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/475500?format=json","purl":"pkg:apk/alpine/graphicsmagick@1.3.26-r5?arch=x86&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/graphicsmagick@1.3.26-r5%3Farch=x86&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-13065"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8v9a-4t7e-9qax"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93122?format=json","vulnerability_id":"VCID-s3a1-5mc6-rkd9","summary":"The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has an issue where memory allocation is excessive because it depends only on a length field in a header. This may lead to remote denial of service in the MagickMalloc function in magick/memory.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14165","reference_id":"","reference_type":"","scores":[{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70706","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70697","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70707","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.7055","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70564","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70581","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70558","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70604","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70619","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70642","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70627","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70613","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70658","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70666","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00642","scoring_system":"epss","scoring_elements":"0.70645","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14165"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14165","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14165"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874724","reference_id":"874724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=874724"},{"reference_url":"https://security.archlinux.org/ASA-201801-7","reference_id":"ASA-201801-7","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-7"},{"reference_url":"https://security.archlinux.org/AVG-355","reference_id":"AVG-355","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-355"},{"reference_url":"https://usn.ubuntu.com/4232-1/","reference_id":"USN-4232-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4232-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/475500?format=json","purl":"pkg:apk/alpine/graphicsmagick@1.3.26-r5?arch=x86&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/graphicsmagick@1.3.26-r5%3Farch=x86&distroversion=v3.17&reponame=community"}],"aliases":["CVE-2017-14165"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s3a1-5mc6-rkd9"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/graphicsmagick@1.3.26-r5%3Farch=x86&distroversion=v3.17&reponame=community"}