Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie

Type deb

Namespace debian

Name libmysofa

Version 1.3.1~dfsg0-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.3.3+dfsg-1

Latest_non_vulnerable_version 1.3.3+dfsg-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-5yu6-q5mc-vqc9

vulnerability_id VCID-5yu6-q5mc-vqc9

summary libmysofa is vulnerable to Heap-based Buffer Overflow

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3756

reference_id

reference_type

scores

value	0.00328
scoring_system	epss
scoring_elements	0.56192
published_at	2026-06-11T12:55:00Z

value	0.00328
scoring_system	epss
scoring_elements	0.56311
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3756

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3756
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3756

reference_url	https://usn.ubuntu.com/USN-5184-1/
reference_id	USN-USN-5184-1
reference_type
scores
url	https://usn.ubuntu.com/USN-5184-1/

fixed_packages

url	pkg:deb/debian/libmysofa@1.2.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.2.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2021-3756

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yu6-q5mc-vqc9

url VCID-6yf6-qf47-wbgb

vulnerability_id VCID-6yf6-qf47-wbgb

summary Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16091

reference_id

reference_type

scores

value	0.00457
scoring_system	epss
scoring_elements	0.64358
published_at	2026-06-11T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.64461
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16091

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16091
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16091

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735
reference_id	939735
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735

reference_url	https://usn.ubuntu.com/4473-1/
reference_id	USN-4473-1
reference_type
scores
url	https://usn.ubuntu.com/4473-1/

fixed_packages

url	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@0.8~dfsg0-1%3Fdistro=trixie

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-16091

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6yf6-qf47-wbgb

url VCID-7hfn-ydyy-zqe1

vulnerability_id VCID-7hfn-ydyy-zqe1

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36152

reference_id

reference_type

scores

value	0.01446
scoring_system	epss
scoring_elements	0.81176
published_at	2026-06-11T12:55:00Z

value	0.01446
scoring_system	epss
scoring_elements	0.81236
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36152

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36152
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36152

reference_url

https://security.archlinux.org/AVG-1547

reference_id

AVG-1547

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1547

fixed_packages

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2020-36152

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7hfn-ydyy-zqe1

url VCID-8wz2-y184-b7h1

vulnerability_id VCID-8wz2-y184-b7h1

summary Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16093

reference_id

reference_type

scores

value	0.0047
scoring_system	epss
scoring_elements	0.65025
published_at	2026-06-11T12:55:00Z

value	0.0047
scoring_system	epss
scoring_elements	0.65124
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16093

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16093
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16093

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735
reference_id	939735
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735

reference_url	https://usn.ubuntu.com/4473-1/
reference_id	USN-4473-1
reference_type
scores
url	https://usn.ubuntu.com/4473-1/

fixed_packages

url	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@0.8~dfsg0-1%3Fdistro=trixie

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-16093

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8wz2-y184-b7h1

url VCID-9wek-h1wm-cbhj

vulnerability_id VCID-9wek-h1wm-cbhj

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36149

reference_id

reference_type

scores

value	0.00285
scoring_system	epss
scoring_elements	0.52337
published_at	2026-06-11T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52466
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36149

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36149
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36149

reference_url

https://security.archlinux.org/AVG-1547

reference_id

AVG-1547

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1547

fixed_packages

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2020-36149

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9wek-h1wm-cbhj

url VCID-j157-achx-8yfy

vulnerability_id VCID-j157-achx-8yfy

summary libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20016

reference_id

reference_type

scores

value	0.00528
scoring_system	epss
scoring_elements	0.67574
published_at	2026-06-11T12:55:00Z

value	0.00528
scoring_system	epss
scoring_elements	0.67663
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20016
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20016

fixed_packages

url	pkg:deb/debian/libmysofa@0.9~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@0.9~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@0.9~dfsg0-1%3Fdistro=trixie

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-20016

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j157-achx-8yfy

url VCID-k8wa-a5zp-8ffw

vulnerability_id VCID-k8wa-a5zp-8ffw

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36151

reference_id

reference_type

scores

value	0.00326
scoring_system	epss
scoring_elements	0.55966
published_at	2026-06-11T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.56087
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36151

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36151
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36151

reference_url

https://security.archlinux.org/AVG-1547

reference_id

AVG-1547

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1547

fixed_packages

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2020-36151

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k8wa-a5zp-8ffw

url VCID-pmsv-vmaw-wqcu

vulnerability_id VCID-pmsv-vmaw-wqcu

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36150

reference_id

reference_type

scores

value	0.00326
scoring_system	epss
scoring_elements	0.55966
published_at	2026-06-11T12:55:00Z

value	0.00326
scoring_system	epss
scoring_elements	0.56087
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36150

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36150
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36150

reference_url

https://security.archlinux.org/AVG-1547

reference_id

AVG-1547

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1547

fixed_packages

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2020-36150

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pmsv-vmaw-wqcu

url VCID-rjj6-9qpb-uka9

vulnerability_id VCID-rjj6-9qpb-uka9

summary Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16094

reference_id

reference_type

scores

value	0.00452
scoring_system	epss
scoring_elements	0.64148
published_at	2026-06-11T12:55:00Z

value	0.00452
scoring_system	epss
scoring_elements	0.64251
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16094

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16094
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16094

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735
reference_id	939735
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735

reference_url	https://usn.ubuntu.com/4473-1/
reference_id	USN-4473-1
reference_type
scores
url	https://usn.ubuntu.com/4473-1/

fixed_packages

url	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@0.8~dfsg0-1%3Fdistro=trixie

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-16094

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rjj6-9qpb-uka9

url VCID-rwq3-ffgt-y7dd

vulnerability_id VCID-rwq3-ffgt-y7dd

summary multiple issues

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36148

reference_id

reference_type

scores

value	0.00285
scoring_system	epss
scoring_elements	0.52337
published_at	2026-06-11T12:55:00Z

value	0.00285
scoring_system	epss
scoring_elements	0.52466
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36148

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36148
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36148

reference_url

https://security.archlinux.org/AVG-1547

reference_id

AVG-1547

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1547

fixed_packages

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2020-36148

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rwq3-ffgt-y7dd

url VCID-t3z7-44wj-7fac

vulnerability_id VCID-t3z7-44wj-7fac

summary Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16092

reference_id

reference_type

scores

value	0.00408
scoring_system	epss
scoring_elements	0.61607
published_at	2026-06-11T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61709
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16092

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16092
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16092

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735
reference_id	939735
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735

reference_url	https://usn.ubuntu.com/4473-1/
reference_id	USN-4473-1
reference_type
scores
url	https://usn.ubuntu.com/4473-1/

fixed_packages

url	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@0.8~dfsg0-1%3Fdistro=trixie

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-16092

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t3z7-44wj-7fac

url VCID-ta8s-vu15-fkbj

vulnerability_id VCID-ta8s-vu15-fkbj

summary hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of memory, as demonstrated by mysofa2json.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20063

reference_id

reference_type

scores

value	0.00391
scoring_system	epss
scoring_elements	0.6056
published_at	2026-06-11T12:55:00Z

value	0.00391
scoring_system	epss
scoring_elements	0.60665
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20063

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20063
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20063

fixed_packages

url	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@0.8~dfsg0-1%3Fdistro=trixie

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-20063

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ta8s-vu15-fkbj

url VCID-xu83-6xrc-qbfg

vulnerability_id VCID-xu83-6xrc-qbfg

summary treeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10672

reference_id

reference_type

scores

value	0.00597
scoring_system	epss
scoring_elements	0.69879
published_at	2026-06-11T12:55:00Z

value	0.00597
scoring_system	epss
scoring_elements	0.6997
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10672

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10672
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10672

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926125
reference_id	926125
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926125

reference_url	https://usn.ubuntu.com/4033-1/
reference_id	USN-4033-1
reference_type
scores
url	https://usn.ubuntu.com/4033-1/

fixed_packages

url	pkg:deb/debian/libmysofa@0.6~dfsg0-3?distro=trixie
purl	pkg:deb/debian/libmysofa@0.6~dfsg0-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@0.6~dfsg0-3%3Fdistro=trixie

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-10672

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xu83-6xrc-qbfg

url VCID-xwzy-mj9n-tuhq

vulnerability_id VCID-xwzy-mj9n-tuhq

summary Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/reader.c.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16095

reference_id

reference_type

scores

value	0.00457
scoring_system	epss
scoring_elements	0.64358
published_at	2026-06-11T12:55:00Z

value	0.00457
scoring_system	epss
scoring_elements	0.64461
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16095

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16095
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16095

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735
reference_id	939735
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939735

reference_url	https://usn.ubuntu.com/4473-1/
reference_id	USN-4473-1
reference_type
scores
url	https://usn.ubuntu.com/4473-1/

fixed_packages

url	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@0.8~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@0.8~dfsg0-1%3Fdistro=trixie

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2019-16095

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xwzy-mj9n-tuhq

url VCID-xy62-r53b-zqer

vulnerability_id VCID-xy62-r53b-zqer

summary libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-6860

reference_id

reference_type

scores

value	0.0054
scoring_system	epss
scoring_elements	0.68058
published_at	2026-06-11T12:55:00Z

value	0.0054
scoring_system	epss
scoring_elements	0.68146
published_at	2026-06-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-6860

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6860
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6860

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949325
reference_id	949325
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=949325

fixed_packages

url	pkg:deb/debian/libmysofa@1.0~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.0~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.0~dfsg0-1%3Fdistro=trixie

url pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

purl pkg:deb/debian/libmysofa@1.2~dfsg0-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5yu6-q5mc-vqc9

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.2~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.1~dfsg0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

url	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/libmysofa@1.3.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.3%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2020-6860

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xy62-r53b-zqer

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libmysofa@1.3.1~dfsg0-1%3Fdistro=trixie

Package Instance