{"url":"http://public2.vulnerablecode.io/api/packages/570999?format=json","purl":"pkg:deb/debian/gimp@1.0.2-3","type":"deb","namespace":"debian","name":"gimp","version":"1.0.2-3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.10.34-1+deb12u10","latest_non_vulnerable_version":"3.0.4-3+deb13u8","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60882?format=json","vulnerability_id":"VCID-1da3-1t47-4ygh","summary":"Multiple vulnerabilities have been discovered in GIMP, allowing for the\n    remote execution of arbitrary code.","references":[{"reference_url":"http://bugzilla.gnome.org/show_bug.cgi?id=451379","reference_id":"","reference_type":"","scores":[],"url":"http://bugzilla.gnome.org/show_bug.cgi?id=451379"},{"reference_url":"http://developer.gimp.org/NEWS-2.2","reference_id":"","reference_type":"","scores":[],"url":"http://developer.gimp.org/NEWS-2.2"},{"reference_url":"http://issues.foresightlinux.org/browse/FL-457","reference_id":"","reference_type":"","scores":[],"url":"http://issues.foresightlinux.org/browse/FL-457"},{"reference_url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551","reference_id":"","reference_type":"","scores":[],"url":"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=551"},{"reference_url":"http://osvdb.org/42139","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/42139"},{"reference_url":"http://osvdb.org/42140","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/42140"},{"reference_url":"http://osvdb.org/42141","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/42141"},{"reference_url":"http://osvdb.org/42142","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/42142"},{"reference_url":"http://osvdb.org/42143","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/42143"},{"reference_url":"http://osvdb.org/42144","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/42144"},{"reference_url":"http://osvdb.org/42145","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/42145"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4519.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-4519.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4519","reference_id":"","reference_type":"","scores":[{"value":"0.07669","scoring_system":"epss","scoring_elements":"0.91861","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07669","scoring_system":"epss","scoring_elements":"0.91896","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07669","scoring_system":"epss","scoring_elements":"0.91901","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07669","scoring_system":"epss","scoring_elements":"0.91905","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07669","scoring_system":"epss","scoring_elements":"0.9192","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07669","scoring_system":"epss","scoring_elements":"0.91916","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07669","scoring_system":"epss","scoring_elements":"0.91869","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07669","scoring_system":"epss","scoring_elements":"0.91876","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07669","scoring_system":"epss","scoring_elements":"0.91883","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09264","scoring_system":"epss","scoring_elements":"0.92745","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09264","scoring_system":"epss","scoring_elements":"0.92752","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09264","scoring_system":"epss","scoring_elements":"0.92748","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09264","scoring_system":"epss","scoring_elements":"0.92757","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-4519"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4519","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4519"},{"reference_url":"http://secunia.com/advisories/26132","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26132"},{"reference_url":"http://secunia.com/advisories/26215","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26215"},{"reference_url":"http://secunia.com/advisories/26240","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26240"},{"reference_url":"http://secunia.com/advisories/26575","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26575"},{"reference_url":"http://secunia.com/advisories/26939","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26939"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200707-09.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200707-09.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35308","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35308"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10842"},{"reference_url":"http://www.debian.org/security/2007/dsa-1335","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2007/dsa-1335"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:170","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:170"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0513.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0513.html"},{"reference_url":"http://www.securityfocus.com/archive/1/475257/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/475257/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/24835","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/24835"},{"reference_url":"http://www.securitytracker.com/id?1018349","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1018349"},{"reference_url":"http://www.ubuntu.com/usn/usn-494-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-494-1"},{"reference_url":"http://www.vupen.com/english/advisories/2007/2471","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/2471"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=247565","reference_id":"247565","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=247565"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2006-4519","reference_id":"CVE-2006-4519","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-4519"},{"reference_url":"https://security.gentoo.org/glsa/200707-09","reference_id":"GLSA-200707-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200707-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0513","reference_id":"RHSA-2007:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0513"},{"reference_url":"https://usn.ubuntu.com/494-1/","reference_id":"USN-494-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/494-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571004?format=json","purl":"pkg:deb/debian/gimp@2.4.7-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5ds4-62sx-xud3"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6uzq-6ejf-kudc"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-tq1x-gwac-6uc9"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-u8j3-25up-5bcb"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.4.7-1"}],"aliases":["CVE-2006-4519"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1da3-1t47-4ygh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64452?format=json","vulnerability_id":"VCID-1w47-u2aa-8uaj","summary":"gimp: GIMP: Remote Code Execution via out-of-bounds write in XWD file parsing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2045.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2045.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2045","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15169","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1518","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15112","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15051","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.14951","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1496","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15012","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1505","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15052","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15236","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15041","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15129","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.1515","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17314","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1745","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2045"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2045","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2045"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128604","reference_id":"1128604","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128604"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441522","reference_id":"2441522","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441522"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/68b27dfb1cbd9b3f22d7fa624dbab8647ee5f275","reference_id":"68b27dfb1cbd9b3f22d7fa624dbab8647ee5f275","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-21T04:56:40Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/68b27dfb1cbd9b3f22d7fa624dbab8647ee5f275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4173","reference_id":"RHSA-2026:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5113","reference_id":"RHSA-2026:5113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5388","reference_id":"RHSA-2026:5388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5389","reference_id":"RHSA-2026:5389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5390","reference_id":"RHSA-2026:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5391","reference_id":"RHSA-2026:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5434","reference_id":"RHSA-2026:5434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5435","reference_id":"RHSA-2026:5435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5436","reference_id":"RHSA-2026:5436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5437","reference_id":"RHSA-2026:5437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5437"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-26-119/","reference_id":"ZDI-26-119","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-21T04:56:40Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-119/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2026-2045"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1w47-u2aa-8uaj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56767?format=json","vulnerability_id":"VCID-23ev-8ph6-qyd8","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/03/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/03/2"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/04/7","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/04/7"},{"reference_url":"http://osvdb.org/70282","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/70282"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4540.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4540.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4540","reference_id":"","reference_type":"","scores":[{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89626","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89549","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89553","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89566","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89583","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89588","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89595","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89594","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89601","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89603","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89613","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04891","scoring_system":"epss","scoring_elements":"0.89617","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4540"},{"reference_url":"http://secunia.com/advisories/42771","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42771"},{"reference_url":"http://secunia.com/advisories/44750","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44750"},{"reference_url":"http://secunia.com/advisories/48236","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/48236"},{"reference_url":"http://secunia.com/advisories/50737","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50737"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-23.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-23.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64582","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64582"},{"reference_url":"http://www.debian.org/security/2012/dsa-2426","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2012/dsa-2426"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:103","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:103"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0839.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0839.html"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0016","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0016"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497","reference_id":"608497","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=666793","reference_id":"666793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=666793"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4540","reference_id":"CVE-2010-4540","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4540"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0838","reference_id":"RHSA-2011:0838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0839","reference_id":"RHSA-2011:0839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0839"},{"reference_url":"https://usn.ubuntu.com/1109-1/","reference_id":"USN-1109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1109-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2010-4540"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-23ev-8ph6-qyd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96594?format=json","vulnerability_id":"VCID-2k57-pmhe-9uds","summary":"GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.  The specific flaw exists within the parsing of FLI files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25100.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2761","reference_id":"","reference_type":"","scores":[{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44407","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44705","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44601","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44608","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44528","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44725","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44662","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44715","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44717","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44734","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44702","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44703","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44758","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44751","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44681","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2761"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2761","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2761"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://usn.ubuntu.com/8057-1/","reference_id":"USN-8057-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8057-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-204/","reference_id":"ZDI-25-204","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T18:21:41Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-204/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-2761"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2k57-pmhe-9uds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64643?format=json","vulnerability_id":"VCID-2p8s-2h2y-aqg4","summary":"gimp: GIMP: Denial of service via crafted PSP image file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2271.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2271.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2271","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15529","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.15659","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.28067","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.28012","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.28015","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27972","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27913","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27924","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27906","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27864","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.28109","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27903","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.2797","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.33972","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.33991","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2271"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127841","reference_id":"1127841","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127841"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/15732","reference_id":"15732","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:52:36Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/15732"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2438429","reference_id":"2438429","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:52:36Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2438429"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-2271","reference_id":"CVE-2026-2271","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:52:36Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-2271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2026-2271"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2p8s-2h2y-aqg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64891?format=json","vulnerability_id":"VCID-2yr2-zppt-47eq","summary":"gimp: heap-based buffer overflow via specially crafted PSP file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15059.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-15059.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15059","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13072","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12733","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12835","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12838","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12936","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1296","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12822","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13125","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12927","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13006","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13058","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1302","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.1298","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12934","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15059"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15059","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-15059"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/03575ac8cbb0ef3103b0a15d6598475088dcc15e","reference_id":"03575ac8cbb0ef3103b0a15d6598475088dcc15e","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-23T19:49:18Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/03575ac8cbb0ef3103b0a15d6598475088dcc15e"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126267","reference_id":"1126267","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126267"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2432296","reference_id":"2432296","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2432296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2707","reference_id":"RHSA-2026:2707","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2707"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2930","reference_id":"RHSA-2026:2930","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2930"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2950","reference_id":"RHSA-2026:2950","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2950"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2953","reference_id":"RHSA-2026:2953","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2953"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2969","reference_id":"RHSA-2026:2969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2969"},{"reference_url":"https://usn.ubuntu.com/8057-1/","reference_id":"USN-8057-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8057-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-1196/","reference_id":"ZDI-25-1196","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-23T19:49:18Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-1196/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-15059"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2yr2-zppt-47eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81574?format=json","vulnerability_id":"VCID-35p4-a8t3-f3g1","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-07/msg00005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-07/msg00005.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2589.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2589.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4994.json","reference_id":"","reference_type":"","scores":[{"value":"2.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4994.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4994","reference_id":"","reference_type":"","scores":[{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70446","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70571","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.7054","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.7059","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70599","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70459","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70477","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70454","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70501","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70516","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70539","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70524","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.7051","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70553","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00639","scoring_system":"epss","scoring_elements":"0.70562","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-4994"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=767873","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=767873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4994"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/gimp/commit/?id=e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/gimp/commit/?id=e82aaa4b4ee0703c879e35ea9321fff6be3e9b6f"},{"reference_url":"http://www.debian.org/security/2016/dsa-3612","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3612"},{"reference_url":"http://www.securityfocus.com/bid/91425","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/91425"},{"reference_url":"http://www.securitytracker.com/id/1036226","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1036226"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.431987","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.431987"},{"reference_url":"http://www.ubuntu.com/usn/USN-3025-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-3025-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348617","reference_id":"1348617","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1348617"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828179","reference_id":"828179","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=828179"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4994","reference_id":"CVE-2016-4994","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-4994"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2589","reference_id":"RHSA-2016:2589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2589"},{"reference_url":"https://usn.ubuntu.com/3025-1/","reference_id":"USN-3025-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3025-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035811?format=json","purl":"pkg:deb/debian/gimp@2.8.14-1%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.14-1%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037143?format=json","purl":"pkg:deb/debian/gimp@2.8.18-1%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.18-1%252Bdeb9u1"}],"aliases":["CVE-2016-4994"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35p4-a8t3-f3g1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70756?format=json","vulnerability_id":"VCID-4wae-t183-yydb","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17789.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17789","reference_id":"","reference_type":"","scores":[{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76063","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76222","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76167","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76189","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76199","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76211","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76066","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76098","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76077","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76111","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76124","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76149","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76125","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76122","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00932","scoring_system":"epss","scoring_elements":"0.76163","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17789"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=790849","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=790849"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4077","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4077"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/12/19/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/12/19/5"},{"reference_url":"http://www.securityfocus.com/bid/102898","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/102898"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529146","reference_id":"1529146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529146"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884837","reference_id":"884837","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884837"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17789","reference_id":"CVE-2017-17789","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17789"},{"reference_url":"https://usn.ubuntu.com/3539-1/","reference_id":"USN-3539-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3539-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035811?format=json","purl":"pkg:deb/debian/gimp@2.8.14-1%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.14-1%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037143?format=json","purl":"pkg:deb/debian/gimp@2.8.18-1%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.18-1%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049282?format=json","purl":"pkg:deb/debian/gimp@2.10.8-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.8-2"}],"aliases":["CVE-2017-17789"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4wae-t183-yydb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56764?format=json","vulnerability_id":"VCID-5ds4-62sx-xud3","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1570.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1570.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1570","reference_id":"","reference_type":"","scores":[{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86705","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86716","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86735","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86734","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86753","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86762","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86773","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86768","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86783","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86788","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86785","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86802","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86808","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0308","scoring_system":"epss","scoring_elements":"0.86829","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1570"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1570"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=537356","reference_id":"537356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=537356"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555929","reference_id":"555929","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555929"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0837","reference_id":"RHSA-2011:0837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0838","reference_id":"RHSA-2011:0838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0838"},{"reference_url":"https://usn.ubuntu.com/880-1/","reference_id":"USN-880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571005?format=json","purl":"pkg:deb/debian/gimp@2.6.10-1%2Bsqueeze4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.6.10-1%252Bsqueeze4"}],"aliases":["CVE-2009-1570"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ds4-62sx-xud3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87052?format=json","vulnerability_id":"VCID-5yx1-7s7z-m3ar","summary":"gimp: NULL pointer deref crash when reading FIT file with crafted XTENSION header","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3236.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3236.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3236","reference_id":"","reference_type":"","scores":[{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92863","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.9287","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92874","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92871","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.9288","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92889","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92888","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92898","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.929","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92906","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92909","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92912","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92907","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09627","scoring_system":"epss","scoring_elements":"0.92915","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3236"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3236","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3236"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=834627","reference_id":"834627","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=834627"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/19482.txt","reference_id":"CVE-2012-3236;OSVDB-83634","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/19482.txt"},{"reference_url":"https://usn.ubuntu.com/1559-1/","reference_id":"USN-1559-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1559-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2012-3236"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5yx1-7s7z-m3ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86700?format=json","vulnerability_id":"VCID-6uzq-6ejf-kudc","summary":"autotrace: buffer overflow when parsing BMP files","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1953.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1953.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1953","reference_id":"","reference_type":"","scores":[{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57182","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57263","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57286","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57264","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57315","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57317","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.5733","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57311","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.5729","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57318","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57313","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57292","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57249","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57272","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57252","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00347","scoring_system":"epss","scoring_elements":"0.57203","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1953"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=951257","reference_id":"951257","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=951257"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571005?format=json","purl":"pkg:deb/debian/gimp@2.6.10-1%2Bsqueeze4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.6.10-1%252Bsqueeze4"}],"aliases":["CVE-2013-1953"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6uzq-6ejf-kudc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56256?format=json","vulnerability_id":"VCID-6yt4-22x4-2kdk","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00023.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2012-09/msg00043.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1180.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1180.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1181.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1181.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3481.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3481.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3481","reference_id":"","reference_type":"","scores":[{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88148","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88046","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88055","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88069","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88074","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88094","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88099","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88109","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88102","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88103","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88116","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88113","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88131","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88136","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03809","scoring_system":"epss","scoring_elements":"0.88135","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3481"},{"reference_url":"https://bugzilla.novell.com/show_bug.cgi?id=776572","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.novell.com/show_bug.cgi?id=776572"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3481","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3481"},{"reference_url":"http://secunia.com/advisories/50296","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50296"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:142"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:082","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:082"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/20/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/20/8"},{"reference_url":"http://www.securityfocus.com/bid/55101","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55101"},{"reference_url":"http://www.securitytracker.com/id?1027411","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1027411"},{"reference_url":"http://www.ubuntu.com/usn/USN-1559-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1559-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685397","reference_id":"685397","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685397"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=847303","reference_id":"847303","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=847303"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3481","reference_id":"CVE-2012-3481","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3481"},{"reference_url":"https://security.gentoo.org/glsa/201311-05","reference_id":"GLSA-201311-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1180","reference_id":"RHSA-2012:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1180"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1181","reference_id":"RHSA-2012:1181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1181"},{"reference_url":"https://usn.ubuntu.com/1559-1/","reference_id":"USN-1559-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1559-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2012-3481"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6yt4-22x4-2kdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96592?format=json","vulnerability_id":"VCID-81y4-4cxp-bybu","summary":"GIMP XWD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.  The specific flaw exists within the parsing of XWD files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25082.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2760","reference_id":"","reference_type":"","scores":[{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63754","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63674","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63726","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63744","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63757","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.637","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.6366","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63712","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63729","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63743","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63728","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.63695","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.6373","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00451","scoring_system":"epss","scoring_elements":"0.6374","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2760"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2760","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2760"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107758","reference_id":"1107758","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107758"},{"reference_url":"https://usn.ubuntu.com/8075-1/","reference_id":"USN-8075-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8075-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-203/","reference_id":"ZDI-25-203","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T18:26:53Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-203/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-2760"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-81y4-4cxp-bybu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56774?format=json","vulnerability_id":"VCID-8fnp-pegd-vkf3","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1181.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1181.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3402.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3402.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3402","reference_id":"","reference_type":"","scores":[{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81653","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81495","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81506","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81528","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81526","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81554","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81559","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81579","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81567","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81597","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81598","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81603","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81625","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81633","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01578","scoring_system":"epss","scoring_elements":"0.81638","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3402"},{"reference_url":"https://bugzilla.redhat.com/attachment.cgi?id=603059&action=diff","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/attachment.cgi?id=603059&action=diff"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3402"},{"reference_url":"http://secunia.com/advisories/50737","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50737"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-23.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-23.xml"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/20/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/20/6"},{"reference_url":"http://www.securitytracker.com/id?1027411","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1027411"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=838941","reference_id":"838941","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=838941"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3402","reference_id":"CVE-2012-3402","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3402"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1181","reference_id":"RHSA-2012:1181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1181"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571004?format=json","purl":"pkg:deb/debian/gimp@2.4.7-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5ds4-62sx-xud3"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6uzq-6ejf-kudc"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-tq1x-gwac-6uc9"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-u8j3-25up-5bcb"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.4.7-1"}],"aliases":["CVE-2012-3402"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8fnp-pegd-vkf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69459?format=json","vulnerability_id":"VCID-99yx-7yr3-dfht","summary":"gimp: GIMP ICO File Parsing Integer Overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5473.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5473.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5473","reference_id":"","reference_type":"","scores":[{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81894","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82046","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81986","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81988","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82011","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82022","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82027","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81917","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81913","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81939","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81947","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81967","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81956","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.8195","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-5473"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5473"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105005","reference_id":"1105005","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1105005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370867","reference_id":"2370867","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370867"},{"reference_url":"https://www.gimp.org/news/2025/05/18/gimp-3-0-4-released/#general-bugfixes","reference_id":"#general-bugfixes","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T16:48:26Z/"}],"url":"https://www.gimp.org/news/2025/05/18/gimp-3-0-4-released/#general-bugfixes"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9162","reference_id":"RHSA-2025:9162","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9165","reference_id":"RHSA-2025:9165","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9308","reference_id":"RHSA-2025:9308","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9309","reference_id":"RHSA-2025:9309","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9310","reference_id":"RHSA-2025:9310","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9314","reference_id":"RHSA-2025:9314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9315","reference_id":"RHSA-2025:9315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9316","reference_id":"RHSA-2025:9316","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9501","reference_id":"RHSA-2025:9501","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9569","reference_id":"RHSA-2025:9569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:9569"},{"reference_url":"https://usn.ubuntu.com/8082-1/","reference_id":"USN-8082-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8082-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-321/","reference_id":"ZDI-25-321","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T16:48:26Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-321/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-5473"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-99yx-7yr3-dfht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62051?format=json","vulnerability_id":"VCID-bcwp-42cm-g3et","summary":"Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44444.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44444.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44444","reference_id":"","reference_type":"","scores":[{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97887","published_at":"2026-04-04T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97919","published_at":"2026-05-05T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.9791","published_at":"2026-04-21T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97911","published_at":"2026-04-18T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97908","published_at":"2026-04-24T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97909","published_at":"2026-04-26T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97915","published_at":"2026-04-29T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.9789","published_at":"2026-04-07T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97895","published_at":"2026-04-08T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97897","published_at":"2026-04-09T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.979","published_at":"2026-04-11T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97901","published_at":"2026-04-12T12:55:00Z"},{"value":"0.51792","scoring_system":"epss","scoring_elements":"0.97903","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44444"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984","reference_id":"1055984","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249946","reference_id":"2249946","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249946"},{"reference_url":"https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/","reference_id":"gimp-2-10-36-released","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T14:16:55Z/"}],"url":"https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/"},{"reference_url":"https://security.gentoo.org/glsa/202501-02","reference_id":"GLSA-202501-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0675","reference_id":"RHSA-2024:0675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0702","reference_id":"RHSA-2024:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0716","reference_id":"RHSA-2024:0716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0861","reference_id":"RHSA-2024:0861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0862","reference_id":"RHSA-2024:0862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0863","reference_id":"RHSA-2024:0863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1007","reference_id":"RHSA-2024:1007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10666","reference_id":"RHSA-2024:10666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1327","reference_id":"RHSA-2024:1327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0746","reference_id":"RHSA-2025:0746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3617","reference_id":"RHSA-2025:3617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3629","reference_id":"RHSA-2025:3629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7417","reference_id":"RHSA-2025:7417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7417"},{"reference_url":"https://usn.ubuntu.com/6521-1/","reference_id":"USN-6521-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6521-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1591/","reference_id":"ZDI-23-1591","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T14:16:55Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1591/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026169?format=json","purl":"pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-3sqk-cbwn-tqa7"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2"}],"aliases":["CVE-2023-44444","ZDI-CAN-22097"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bcwp-42cm-g3et"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79701?format=json","vulnerability_id":"VCID-bf8d-qkyh-auds","summary":"Gimp: context-dependent attackers to cause a denial of service","references":[{"reference_url":"http://osvdb.org/43453","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/43453"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3126.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3126.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3126","reference_id":"","reference_type":"","scores":[{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75525","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75674","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75659","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.7567","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75527","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75557","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75537","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75579","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.7559","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75615","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75596","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75589","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75626","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.7563","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.75654","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3126"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=778604","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=778604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3126","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3126"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34789","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/34789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv2","scoring_elements":"AV:A/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7","reference_id":"","reference_type":"","scores":[],"url":"https://git.gnome.org/browse/gimp/commit/?id=323ecb73f7bf36788fb7066eb2d6678830cd5de7"},{"reference_url":"https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released/","reference_id":"","reference_type":"","scores":[],"url":"https://www.gimp.org/news/2017/05/11/gimp-2-8-22-released/"},{"reference_url":"http://www.securityfocus.com/archive/1/470751/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/470751/100/0/threaded"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051868","reference_id":"2051868","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051868"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885382","reference_id":"885382","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885382"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-3126","reference_id":"CVE-2007-3126","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-3126"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049282?format=json","purl":"pkg:deb/debian/gimp@2.10.8-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.8-2"}],"aliases":["CVE-2007-3126"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bf8d-qkyh-auds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69446?format=json","vulnerability_id":"VCID-bhsc-qy1f-27dj","summary":"gimp: Gimp Integer Overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6035.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6035","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02243","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0224","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02245","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02242","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10482","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.1046","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10329","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10291","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10301","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10485","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10516","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12887","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1277","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.12875","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.1291","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6035"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/13518","reference_id":"13518","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T15:40:56Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/13518"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372515","reference_id":"2372515","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T15:40:56Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372515"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-6035","reference_id":"CVE-2025-6035","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-13T15:40:56Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-6035"},{"reference_url":"https://usn.ubuntu.com/8082-1/","reference_id":"USN-8082-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8082-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-6035"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhsc-qy1f-27dj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56769?format=json","vulnerability_id":"VCID-bq1c-u55x-5beh","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/03/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/03/2"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/04/7","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/04/7"},{"reference_url":"http://osvdb.org/70283","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/70283"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4542.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4542.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4542","reference_id":"","reference_type":"","scores":[{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87963","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87858","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87868","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87881","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87884","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87912","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87924","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87916","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.8793","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87929","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87946","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87953","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03676","scoring_system":"epss","scoring_elements":"0.87952","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4542"},{"reference_url":"http://secunia.com/advisories/42771","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42771"},{"reference_url":"http://secunia.com/advisories/44750","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44750"},{"reference_url":"http://secunia.com/advisories/48236","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/48236"},{"reference_url":"http://secunia.com/advisories/50737","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50737"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-23.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-23.xml"},{"reference_url":"http://www.debian.org/security/2012/dsa-2426","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2012/dsa-2426"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:103","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:103"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0839.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0839.html"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0016","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0016"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497","reference_id":"608497","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=703405","reference_id":"703405","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=703405"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4542","reference_id":"CVE-2010-4542","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4542"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0838","reference_id":"RHSA-2011:0838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0839","reference_id":"RHSA-2011:0839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0839"},{"reference_url":"https://usn.ubuntu.com/1109-1/","reference_id":"USN-1109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1109-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2010-4542"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bq1c-u55x-5beh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56768?format=json","vulnerability_id":"VCID-cdfh-uhac-sbam","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/03/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/03/2"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/04/7","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/04/7"},{"reference_url":"http://osvdb.org/70281","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/70281"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4541.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4541","reference_id":"","reference_type":"","scores":[{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86783","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.8667","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86689","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86688","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86707","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86717","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.8673","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86727","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86721","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86735","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.8674","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86737","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03062","scoring_system":"epss","scoring_elements":"0.86754","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04027","scoring_system":"epss","scoring_elements":"0.8843","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4541"},{"reference_url":"http://secunia.com/advisories/42771","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42771"},{"reference_url":"http://secunia.com/advisories/44750","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44750"},{"reference_url":"http://secunia.com/advisories/48236","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/48236"},{"reference_url":"http://secunia.com/advisories/50737","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50737"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-23.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-23.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64581","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64581"},{"reference_url":"http://www.debian.org/security/2012/dsa-2426","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2012/dsa-2426"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:103","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:103"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0837.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0837.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0839.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0839.html"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0016","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0016"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497","reference_id":"608497","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=703403","reference_id":"703403","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=703403"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4541","reference_id":"CVE-2010-4541","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4541"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0837","reference_id":"RHSA-2011:0837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0838","reference_id":"RHSA-2011:0838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0839","reference_id":"RHSA-2011:0839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0839"},{"reference_url":"https://usn.ubuntu.com/1109-1/","reference_id":"USN-1109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1109-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2010-4541"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cdfh-uhac-sbam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/351414?format=json","vulnerability_id":"VCID-d967-53mv-13b6","summary":"GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.  The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-28863.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4152.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4152.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4152","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09897","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09931","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.0989","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09772","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09855","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18106","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18062","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18012","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17954","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1934","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4152"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457533","reference_id":"2457533","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457533"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/f64c9c23ba3c37dc7b875a9fb477c23953b4666e","reference_id":"f64c9c23ba3c37dc7b875a9fb477c23953b4666e","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:24:03Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/f64c9c23ba3c37dc7b875a9fb477c23953b4666e"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-26-219/","reference_id":"ZDI-26-219","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:24:03Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-219/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1026171?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u9"},{"url":"http://public2.vulnerablecode.io/api/packages/1068122?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u10"},{"url":"http://public2.vulnerablecode.io/api/packages/1068117?format=json","purl":"pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994911?format=json","purl":"pkg:deb/debian/gimp@3.2.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1"}],"aliases":["CVE-2026-4152"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d967-53mv-13b6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62046?format=json","vulnerability_id":"VCID-dav9-9ar6-gkbn","summary":"Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30067.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30067.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30067","reference_id":"","reference_type":"","scores":[{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29029","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29079","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28888","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28956","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28998","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.29002","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28958","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28908","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28932","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28861","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28743","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28631","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28562","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00107","scoring_system":"epss","scoring_elements":"0.28404","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-30067"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30067","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30067"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087591","reference_id":"2087591","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2087591"},{"reference_url":"https://security.gentoo.org/glsa/202501-02","reference_id":"GLSA-202501-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7978","reference_id":"RHSA-2022:7978","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7978"},{"reference_url":"https://usn.ubuntu.com/6521-1/","reference_id":"USN-6521-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6521-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2022-30067"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dav9-9ar6-gkbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267399?format=json","vulnerability_id":"VCID-dkmg-nu4f-xbay","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4150.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4150.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4150","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11044","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10835","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10892","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1096","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11006","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19603","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19651","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19544","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00063","scoring_system":"epss","scoring_elements":"0.19508","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20973","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4150"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4150","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4150"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/00afdabdadeb5457fd897878b1e5aebc3780af10","reference_id":"00afdabdadeb5457fd897878b1e5aebc3780af10","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:25:13Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/00afdabdadeb5457fd897878b1e5aebc3780af10"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457535","reference_id":"2457535","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457535"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-26-217/","reference_id":"ZDI-26-217","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:25:13Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-217/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1026171?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u9"},{"url":"http://public2.vulnerablecode.io/api/packages/1068122?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u10"},{"url":"http://public2.vulnerablecode.io/api/packages/1068117?format=json","purl":"pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994911?format=json","purl":"pkg:deb/debian/gimp@3.2.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1"}],"aliases":["CVE-2026-4150"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dkmg-nu4f-xbay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69509?format=json","vulnerability_id":"VCID-dtpr-ndvm-5udg","summary":"gimp: Multiple heap buffer overflows in TGA parser","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48797.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48797","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23882","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24168","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24045","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24033","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23991","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24345","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24378","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24161","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24271","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24288","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24245","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24188","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24204","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24191","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48797"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/11822","reference_id":"11822","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/11822"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368558","reference_id":"2368558","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368558"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-48797","reference_id":"CVE-2025-48797","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-48797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9162","reference_id":"RHSA-2025:9162","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9165","reference_id":"RHSA-2025:9165","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9308","reference_id":"RHSA-2025:9308","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9309","reference_id":"RHSA-2025:9309","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9310","reference_id":"RHSA-2025:9310","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9314","reference_id":"RHSA-2025:9314","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9315","reference_id":"RHSA-2025:9315","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9316","reference_id":"RHSA-2025:9316","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9501","reference_id":"RHSA-2025:9501","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9569","reference_id":"RHSA-2025:9569","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:22:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9569"},{"reference_url":"https://usn.ubuntu.com/8075-1/","reference_id":"USN-8075-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8075-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-48797"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dtpr-ndvm-5udg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61025?format=json","vulnerability_id":"VCID-enq7-y48z-gybf","summary":"GIMP is vulnerable to a buffer overflow which may lead to the execution of\n    arbitrary code.","references":[{"reference_url":"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.suse.com/archive/suse-security-announce/2007-May/0005.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2356.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2356.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2356","reference_id":"","reference_type":"","scores":[{"value":"0.40424","scoring_system":"epss","scoring_elements":"0.97329","published_at":"2026-04-01T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97362","published_at":"2026-04-02T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97367","published_at":"2026-04-07T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97374","published_at":"2026-04-08T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97375","published_at":"2026-04-09T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97377","published_at":"2026-04-11T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97378","published_at":"2026-04-12T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97379","published_at":"2026-04-13T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97387","published_at":"2026-04-16T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.9739","published_at":"2026-04-24T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97393","published_at":"2026-04-26T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97396","published_at":"2026-04-29T12:55:00Z"},{"value":"0.41011","scoring_system":"epss","scoring_elements":"0.97401","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2356"},{"reference_url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238422","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=238422"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2356"},{"reference_url":"http://secunia.com/advisories/25012","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25012"},{"reference_url":"http://secunia.com/advisories/25111","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25111"},{"reference_url":"http://secunia.com/advisories/25167","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25167"},{"reference_url":"http://secunia.com/advisories/25239","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25239"},{"reference_url":"http://secunia.com/advisories/25346","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25346"},{"reference_url":"http://secunia.com/advisories/25359","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25359"},{"reference_url":"http://secunia.com/advisories/25466","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25466"},{"reference_url":"http://secunia.com/advisories/25573","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25573"},{"reference_url":"http://secunia.com/advisories/28114","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/28114"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200705-08.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200705-08.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33911","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/33911"},{"reference_url":"https://issues.rpath.com/browse/RPL-1318","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1318"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10054","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10054"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5960","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5960"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1"},{"reference_url":"http://www.debian.org/security/2007/dsa-1301","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2007/dsa-1301"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:108","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:108"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0343.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0343.html"},{"reference_url":"http://www.securityfocus.com/archive/1/467231/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/467231/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/23680","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/23680"},{"reference_url":"http://www.securitytracker.com/id?1018092","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1018092"},{"reference_url":"http://www.ubuntu.com/usn/usn-467-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-467-1"},{"reference_url":"http://www.vupen.com/english/advisories/2007/1560","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/1560"},{"reference_url":"http://www.vupen.com/english/advisories/2007/4241","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/4241"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=238420","reference_id":"238420","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=238420"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.2.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.2.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.2.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-2356","reference_id":"CVE-2007-2356","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-2356"},{"reference_url":"https://security.gentoo.org/glsa/200705-08","reference_id":"GLSA-200705-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-08"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/3801.c","reference_id":"OSVDB-35417;CVE-2007-2356","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/3801.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/local/3888.c","reference_id":"OSVDB-35417;CVE-2007-2356","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/local/3888.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0343","reference_id":"RHSA-2007:0343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0343"},{"reference_url":"https://usn.ubuntu.com/467-1/","reference_id":"USN-467-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/467-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571004?format=json","purl":"pkg:deb/debian/gimp@2.4.7-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5ds4-62sx-xud3"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6uzq-6ejf-kudc"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-tq1x-gwac-6uc9"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-u8j3-25up-5bcb"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.4.7-1"}],"aliases":["CVE-2007-2356"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enq7-y48z-gybf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62050?format=json","vulnerability_id":"VCID-eybg-sjmd-q7a2","summary":"Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44443.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44443.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44443","reference_id":"","reference_type":"","scores":[{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98408","published_at":"2026-04-02T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98434","published_at":"2026-05-05T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98421","published_at":"2026-04-13T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98426","published_at":"2026-04-16T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98425","published_at":"2026-04-21T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98428","published_at":"2026-04-24T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98429","published_at":"2026-04-29T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98411","published_at":"2026-04-04T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98414","published_at":"2026-04-07T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98417","published_at":"2026-04-08T12:55:00Z"},{"value":"0.63756","scoring_system":"epss","scoring_elements":"0.98418","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984","reference_id":"1055984","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249944","reference_id":"2249944","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249944"},{"reference_url":"https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/","reference_id":"gimp-2-10-36-released","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T17:14:40Z/"}],"url":"https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/"},{"reference_url":"https://security.gentoo.org/glsa/202501-02","reference_id":"GLSA-202501-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0675","reference_id":"RHSA-2024:0675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0702","reference_id":"RHSA-2024:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0716","reference_id":"RHSA-2024:0716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0746","reference_id":"RHSA-2025:0746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3617","reference_id":"RHSA-2025:3617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3629","reference_id":"RHSA-2025:3629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7417","reference_id":"RHSA-2025:7417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7417"},{"reference_url":"https://usn.ubuntu.com/6521-1/","reference_id":"USN-6521-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6521-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1593/","reference_id":"ZDI-23-1593","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T17:14:40Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1593/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026169?format=json","purl":"pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-3sqk-cbwn-tqa7"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2"}],"aliases":["CVE-2023-44443","ZDI-CAN-22096"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eybg-sjmd-q7a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54806?format=json","vulnerability_id":"VCID-fta8-9na3-u3hb","summary":"several","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1913.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1913.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1913","reference_id":"","reference_type":"","scores":[{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83676","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83689","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83703","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83705","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83729","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83736","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83752","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83746","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83741","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83775","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83776","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.838","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83809","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.83816","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02017","scoring_system":"epss","scoring_elements":"0.8384","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731305","reference_id":"731305","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731305"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=947868","reference_id":"947868","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=947868"},{"reference_url":"https://security.gentoo.org/glsa/201603-01","reference_id":"GLSA-201603-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1778","reference_id":"RHSA-2013:1778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1778"},{"reference_url":"https://usn.ubuntu.com/2051-1/","reference_id":"USN-2051-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2051-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035810?format=json","purl":"pkg:deb/debian/gimp@2.8.14-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.14-1"}],"aliases":["CVE-2013-1913"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fta8-9na3-u3hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70751?format=json","vulnerability_id":"VCID-g7zy-qgvc-cueg","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17784.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17784.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17784","reference_id":"","reference_type":"","scores":[{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63464","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63578","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63579","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63598","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63611","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63605","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63524","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63551","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63516","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63567","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63584","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.636","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63585","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63588","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00448","scoring_system":"epss","scoring_elements":"0.63596","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17784"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=790784","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=790784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4077","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4077"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/12/19/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/12/19/5"},{"reference_url":"http://www.securityfocus.com/bid/102899","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/102899"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529144","reference_id":"1529144","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529144"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884925","reference_id":"884925","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884925"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17784","reference_id":"CVE-2017-17784","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17784"},{"reference_url":"https://usn.ubuntu.com/3539-1/","reference_id":"USN-3539-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3539-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035811?format=json","purl":"pkg:deb/debian/gimp@2.8.14-1%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.14-1%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037143?format=json","purl":"pkg:deb/debian/gimp@2.8.18-1%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.18-1%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049282?format=json","purl":"pkg:deb/debian/gimp@2.10.8-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.8-2"}],"aliases":["CVE-2017-17784"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g7zy-qgvc-cueg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66658?format=json","vulnerability_id":"VCID-gdxp-wy9y-m3h1","summary":"gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10922.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10922.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10922","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23186","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23142","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.22975","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25521","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25772","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25744","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25689","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.2568","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25632","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25821","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25873","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25883","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25842","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25786","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00092","scoring_system":"epss","scoring_elements":"0.25789","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10922"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10922","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10922"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116459","reference_id":"1116459","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1116459"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407188","reference_id":"2407188","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407188"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/3d909166463731e94dfe62042d76225ecfc4c1e4","reference_id":"3d909166463731e94dfe62042d76225ecfc4c1e4","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-30T03:56:09Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/3d909166463731e94dfe62042d76225ecfc4c1e4"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21968","reference_id":"RHSA-2025:21968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22417","reference_id":"RHSA-2025:22417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22445","reference_id":"RHSA-2025:22445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22496","reference_id":"RHSA-2025:22496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22497","reference_id":"RHSA-2025:22497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22498","reference_id":"RHSA-2025:22498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22866","reference_id":"RHSA-2025:22866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23857","reference_id":"RHSA-2025:23857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0027","reference_id":"RHSA-2026:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0250","reference_id":"RHSA-2026:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0356","reference_id":"RHSA-2026:0356","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0356"},{"reference_url":"https://usn.ubuntu.com/8057-1/","reference_id":"USN-8057-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8057-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-911/","reference_id":"ZDI-25-911","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-30T03:56:09Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-911/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-10922"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gdxp-wy9y-m3h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70755?format=json","vulnerability_id":"VCID-hkc8-4uw7-2yc3","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17788.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17788","reference_id":"","reference_type":"","scores":[{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65887","published_at":"2026-04-01T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66005","published_at":"2026-05-05T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66","published_at":"2026-04-21T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66019","published_at":"2026-04-24T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66031","published_at":"2026-04-26T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65928","published_at":"2026-04-02T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65958","published_at":"2026-04-04T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65925","published_at":"2026-04-07T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65976","published_at":"2026-04-08T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65988","published_at":"2026-04-09T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66007","published_at":"2026-04-11T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65994","published_at":"2026-04-12T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65964","published_at":"2026-04-13T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65998","published_at":"2026-04-16T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66012","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17788"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=790783","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=790783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4077","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4077"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/12/19/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/12/19/5"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529141","reference_id":"1529141","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529141"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885347","reference_id":"885347","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885347"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17788","reference_id":"CVE-2017-17788","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17788"},{"reference_url":"https://usn.ubuntu.com/3539-1/","reference_id":"USN-3539-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3539-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035811?format=json","purl":"pkg:deb/debian/gimp@2.8.14-1%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.14-1%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037143?format=json","purl":"pkg:deb/debian/gimp@2.8.18-1%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.18-1%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049282?format=json","purl":"pkg:deb/debian/gimp@2.10.8-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.8-2"}],"aliases":["CVE-2017-17788"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hkc8-4uw7-2yc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65827?format=json","vulnerability_id":"VCID-hrab-t25s-5ybg","summary":"gimp: GIMP: Remote Code Execution via JP2 file parsing heap-based buffer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14425.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14425.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14425","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28681","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28642","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.2873","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28536","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28601","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28643","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28599","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28551","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28571","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28546","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28498","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35099","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.34977","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35201","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35178","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14425"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14425","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14425"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424767","reference_id":"2424767","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424767"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/cd1c88a0364ad1444c06536731972a99bd8643fd","reference_id":"cd1c88a0364ad1444c06536731972a99bd8643fd","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-02T14:03:55Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/cd1c88a0364ad1444c06536731972a99bd8643fd"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0914","reference_id":"RHSA-2026:0914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1511","reference_id":"RHSA-2026:1511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1585","reference_id":"RHSA-2026:1585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1586","reference_id":"RHSA-2026:1586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1587","reference_id":"RHSA-2026:1587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1587"},{"reference_url":"https://usn.ubuntu.com/8057-1/","reference_id":"USN-8057-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8057-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-1139/","reference_id":"ZDI-25-1139","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-02T14:03:55Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-1139/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-14425"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hrab-t25s-5ybg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64455?format=json","vulnerability_id":"VCID-jy45-8uuz-y7bf","summary":"gimp: GIMP: Remote Code Execution via ICO File Parsing Vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0797.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0797","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11075","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1109","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11061","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11039","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10893","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10903","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1102","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10978","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10932","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11138","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10958","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11036","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11093","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12733","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.12822","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-0797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0797"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128601","reference_id":"1128601","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128601"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441524","reference_id":"2441524","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441524"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/69cc6b1a6645dc9c4d7b484483dbe6a84b922b9c","reference_id":"69cc6b1a6645dc9c4d7b484483dbe6a84b922b9c","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:45Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/69cc6b1a6645dc9c4d7b484483dbe6a84b922b9c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4173","reference_id":"RHSA-2026:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5113","reference_id":"RHSA-2026:5113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5388","reference_id":"RHSA-2026:5388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5389","reference_id":"RHSA-2026:5389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5390","reference_id":"RHSA-2026:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5391","reference_id":"RHSA-2026:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5434","reference_id":"RHSA-2026:5434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5435","reference_id":"RHSA-2026:5435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5436","reference_id":"RHSA-2026:5436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5437","reference_id":"RHSA-2026:5437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5437"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-26-050/","reference_id":"ZDI-26-050","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:45Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-050/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2026-0797"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jy45-8uuz-y7bf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69508?format=json","vulnerability_id":"VCID-krn9-65fh-sqgq","summary":"gimp: Multiple use after free in XCF parser","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48798.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48798.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48798","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23882","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24345","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24191","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24168","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24045","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24033","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.23991","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24378","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24161","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24228","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24271","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24288","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24245","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24188","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24204","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-48798"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48798","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48798"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/11822","reference_id":"11822","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/11822"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368557","reference_id":"2368557","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2368557"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-48798","reference_id":"CVE-2025-48798","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-48798"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9162","reference_id":"RHSA-2025:9162","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9162"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9165","reference_id":"RHSA-2025:9165","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9308","reference_id":"RHSA-2025:9308","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9308"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9309","reference_id":"RHSA-2025:9309","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9309"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9310","reference_id":"RHSA-2025:9310","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9310"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9314","reference_id":"RHSA-2025:9314","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9315","reference_id":"RHSA-2025:9315","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9316","reference_id":"RHSA-2025:9316","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9316"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9501","reference_id":"RHSA-2025:9501","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9501"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9569","reference_id":"RHSA-2025:9569","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-27T14:21:28Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9569"},{"reference_url":"https://usn.ubuntu.com/8075-1/","reference_id":"USN-8075-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8075-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-48798"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-krn9-65fh-sqgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56257?format=json","vulnerability_id":"VCID-nb8e-umcc-yudg","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code.","references":[{"reference_url":"http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1","reference_id":"","reference_type":"","scores":[],"url":"http://git.gnome.org/browse/gimp/commit/?id=2873262fccba12af144ed96ed91be144d92ff2e1"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2012-12/msg00017.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2013-01/msg00014.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5576.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5576.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5576","reference_id":"","reference_type":"","scores":[{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.9103","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.90932","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.90937","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.90946","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.90956","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.90967","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.90973","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.90982","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.91007","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.91005","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.91021","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.91019","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06336","scoring_system":"epss","scoring_elements":"0.91016","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5576"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=687392","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=687392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5576"},{"reference_url":"http://secunia.com/advisories/50296","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50296"},{"reference_url":"http://secunia.com/advisories/51479","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51479"},{"reference_url":"http://secunia.com/advisories/51528","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51528"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:082","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:082"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/11/27/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/11/27/1"},{"reference_url":"http://www.securityfocus.com/bid/56647","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/56647"},{"reference_url":"http://www.ubuntu.com/usn/USN-1659-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1659-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693977","reference_id":"693977","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693977"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=879302","reference_id":"879302","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=879302"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5576","reference_id":"CVE-2012-5576","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5576"},{"reference_url":"https://security.gentoo.org/glsa/201311-05","reference_id":"GLSA-201311-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1778","reference_id":"RHSA-2013:1778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1778"},{"reference_url":"https://usn.ubuntu.com/1659-1/","reference_id":"USN-1659-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1659-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2012-5576"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nb8e-umcc-yudg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267401?format=json","vulnerability_id":"VCID-ney7-z8qy-kuce","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4153.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4153.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4153","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18062","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18012","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17954","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18106","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19354","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1934","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19096","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19202","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19242","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19253","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-4153"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4153","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4153"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457536","reference_id":"2457536","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2457536"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/98cb1371fd4e22cca75017ea3252dc32fc218712","reference_id":"98cb1371fd4e22cca75017ea3252dc32fc218712","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T18:24:23Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/98cb1371fd4e22cca75017ea3252dc32fc218712"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-26-220/","reference_id":"ZDI-26-220","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T18:24:23Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-220/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"},{"url":"http://public2.vulnerablecode.io/api/packages/1026171?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u9","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u9"},{"url":"http://public2.vulnerablecode.io/api/packages/1068122?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u10","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u10"},{"url":"http://public2.vulnerablecode.io/api/packages/1068117?format=json","purl":"pkg:deb/debian/gimp@3.0.4-3%2Bdeb13u8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.0.4-3%252Bdeb13u8"},{"url":"http://public2.vulnerablecode.io/api/packages/994911?format=json","purl":"pkg:deb/debian/gimp@3.2.2-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@3.2.2-1"}],"aliases":["CVE-2026-4153"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ney7-z8qy-kuce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49990?format=json","vulnerability_id":"VCID-pkzd-5g7r-cfh8","summary":"GIMP is prone to a buffer overflow which may lead to the execution of\n    arbitrary code when loading specially crafted XCF files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3404.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3404.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3404","reference_id":"","reference_type":"","scores":[{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83184","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.832","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83215","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83213","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83238","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83245","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.8326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83254","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.8325","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83286","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83288","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83289","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83312","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.8332","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83327","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01905","scoring_system":"epss","scoring_elements":"0.83352","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-3404"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3404"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618141","reference_id":"1618141","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618141"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=377049","reference_id":"377049","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=377049"},{"reference_url":"https://security.gentoo.org/glsa/200607-08","reference_id":"GLSA-200607-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200607-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0598","reference_id":"RHSA-2006:0598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0598"},{"reference_url":"https://usn.ubuntu.com/312-1/","reference_id":"USN-312-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/312-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571002?format=json","purl":"pkg:deb/debian/gimp@2.2.13-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1da3-1t47-4ygh"},{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5ds4-62sx-xud3"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6uzq-6ejf-kudc"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-8fnp-pegd-vkf3"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-enq7-y48z-gybf"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-teck-svws-tyae"},{"vulnerability":"VCID-tq1x-gwac-6uc9"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-u8j3-25up-5bcb"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-vjn6-7mrr-j7cn"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.2.13-1"}],"aliases":["CVE-2006-3404"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pkzd-5g7r-cfh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70754?format=json","vulnerability_id":"VCID-q23d-29ut-uyhd","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17787.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17787.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17787","reference_id":"","reference_type":"","scores":[{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56694","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56702","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56808","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56746","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56764","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56748","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56788","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56809","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56784","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56836","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56841","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56848","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56826","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56804","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56835","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00341","scoring_system":"epss","scoring_elements":"0.56833","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17787"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=790853","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=790853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4077","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4077"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/12/19/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/12/19/5"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529143","reference_id":"1529143","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529143"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884927","reference_id":"884927","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884927"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17787","reference_id":"CVE-2017-17787","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17787"},{"reference_url":"https://usn.ubuntu.com/3539-1/","reference_id":"USN-3539-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3539-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035811?format=json","purl":"pkg:deb/debian/gimp@2.8.14-1%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.14-1%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037143?format=json","purl":"pkg:deb/debian/gimp@2.8.18-1%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.18-1%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049282?format=json","purl":"pkg:deb/debian/gimp@2.10.8-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.8-2"}],"aliases":["CVE-2017-17787"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q23d-29ut-uyhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64670?format=json","vulnerability_id":"VCID-qsyr-7tn1-uyhv","summary":"gimp: GIMP: Application crash (DoS) via crafted PSD file due to heap-buffer-overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2239.json","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2239.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2239","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01681","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06024","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06035","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06008","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06157","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06172","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06203","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05985","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06062","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06052","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06043","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0087","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2239"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2239","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2239"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127838","reference_id":"1127838","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127838"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/15812","reference_id":"15812","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T11:29:11Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/15812"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437675","reference_id":"2437675","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T11:29:11Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2437675"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-2239","reference_id":"CVE-2026-2239","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-30T11:29:11Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-2239"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2026-2239"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qsyr-7tn1-uyhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70753?format=json","vulnerability_id":"VCID-r1ds-par2-5kb4","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17786.json","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17786.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17786","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55463","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55491","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55624","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55551","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55569","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55543","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55575","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55599","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55577","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55629","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55632","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55641","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.5562","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55603","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55645","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17786"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=739134","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=739134"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4077","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4077"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/12/19/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/12/19/5"},{"reference_url":"http://www.securityfocus.com/bid/102765","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/102765"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529145","reference_id":"1529145","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529145"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884862","reference_id":"884862","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884862"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17786","reference_id":"CVE-2017-17786","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17786"},{"reference_url":"https://usn.ubuntu.com/3539-1/","reference_id":"USN-3539-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3539-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035811?format=json","purl":"pkg:deb/debian/gimp@2.8.14-1%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.14-1%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037143?format=json","purl":"pkg:deb/debian/gimp@2.8.18-1%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.18-1%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049282?format=json","purl":"pkg:deb/debian/gimp@2.10.8-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.8-2"}],"aliases":["CVE-2017-17786"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r1ds-par2-5kb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54807?format=json","vulnerability_id":"VCID-rgcb-3vf1-23dk","summary":"several","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1978.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1978.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1978","reference_id":"","reference_type":"","scores":[{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87429","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87438","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87452","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87454","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87473","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.8748","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87491","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87487","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87483","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87498","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.875","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87515","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87522","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.8752","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03438","scoring_system":"epss","scoring_elements":"0.87533","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1978"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731305","reference_id":"731305","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731305"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=953902","reference_id":"953902","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=953902"},{"reference_url":"https://security.gentoo.org/glsa/201603-01","reference_id":"GLSA-201603-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201603-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1778","reference_id":"RHSA-2013:1778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1778"},{"reference_url":"https://usn.ubuntu.com/2051-1/","reference_id":"USN-2051-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2051-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1035810?format=json","purl":"pkg:deb/debian/gimp@2.8.14-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.14-1"}],"aliases":["CVE-2013-1978"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rgcb-3vf1-23dk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64450?format=json","vulnerability_id":"VCID-rraw-1e9t-x3f3","summary":"gimp: GIMP: Remote Code Execution via XWD file parsing vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2048.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2048.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2048","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14621","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14649","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14569","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14509","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14401","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14402","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14474","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14507","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14505","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14691","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14502","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14591","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14608","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16736","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1687","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2048"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2048","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2048"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128606","reference_id":"1128606","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1128606"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441527","reference_id":"2441527","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441527"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2586/diffs?commit_id=57712677007793118388c5be6fb8231f22a2b341","reference_id":"diffs?commit_id=57712677007793118388c5be6fb8231f22a2b341","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-21T04:56:37Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2586/diffs?commit_id=57712677007793118388c5be6fb8231f22a2b341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4173","reference_id":"RHSA-2026:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5113","reference_id":"RHSA-2026:5113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5388","reference_id":"RHSA-2026:5388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5389","reference_id":"RHSA-2026:5389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5390","reference_id":"RHSA-2026:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5391","reference_id":"RHSA-2026:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5434","reference_id":"RHSA-2026:5434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5435","reference_id":"RHSA-2026:5435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5436","reference_id":"RHSA-2026:5436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5437","reference_id":"RHSA-2026:5437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5437"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-26-121/","reference_id":"ZDI-26-121","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-21T04:56:37Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-121/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2026-2048"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rraw-1e9t-x3f3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62048?format=json","vulnerability_id":"VCID-s17j-j45c-nqgs","summary":"Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44441.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44441.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44441","reference_id":"","reference_type":"","scores":[{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93669","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93733","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.9372","published_at":"2026-04-18T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93723","published_at":"2026-04-21T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93729","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93726","published_at":"2026-04-26T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93725","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93679","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.9368","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93689","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93692","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93696","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11742","scoring_system":"epss","scoring_elements":"0.93713","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984","reference_id":"1055984","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249938","reference_id":"2249938","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249938"},{"reference_url":"https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/","reference_id":"gimp-2-10-36-released","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T15:16:52Z/"}],"url":"https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/"},{"reference_url":"https://security.gentoo.org/glsa/202501-02","reference_id":"GLSA-202501-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0675","reference_id":"RHSA-2024:0675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0702","reference_id":"RHSA-2024:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0716","reference_id":"RHSA-2024:0716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3617","reference_id":"RHSA-2025:3617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3629","reference_id":"RHSA-2025:3629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7417","reference_id":"RHSA-2025:7417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7417"},{"reference_url":"https://usn.ubuntu.com/6521-1/","reference_id":"USN-6521-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6521-1/"},{"reference_url":"https://usn.ubuntu.com/7209-1/","reference_id":"USN-7209-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7209-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1592/","reference_id":"ZDI-23-1592","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-05T15:16:52Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1592/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026169?format=json","purl":"pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-3sqk-cbwn-tqa7"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2"}],"aliases":["CVE-2023-44441","ZDI-CAN-22093"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s17j-j45c-nqgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87384?format=json","vulnerability_id":"VCID-sn31-adaw-8kbz","summary":"Gimp: Incomplete fix for CVE-2010-4543 PSP plug-in heap overflow issue","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1782.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1782","reference_id":"","reference_type":"","scores":[{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81251","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.8126","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81282","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81281","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.8131","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81315","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81335","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81322","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81314","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81351","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81353","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81354","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81376","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81383","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81388","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01531","scoring_system":"epss","scoring_elements":"0.81405","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1782"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629830","reference_id":"629830","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629830"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=704512","reference_id":"704512","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=704512"},{"reference_url":"https://usn.ubuntu.com/1147-1/","reference_id":"USN-1147-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1147-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2011-1782"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sn31-adaw-8kbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56770?format=json","vulnerability_id":"VCID-svvz-6tap-wqbe","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/03/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/03/2"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/04/7","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/04/7"},{"reference_url":"http://osvdb.org/70284","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/70284"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4543.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4543.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4543","reference_id":"","reference_type":"","scores":[{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95903","published_at":"2026-05-05T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95833","published_at":"2026-04-01T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95841","published_at":"2026-04-02T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95849","published_at":"2026-04-04T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95852","published_at":"2026-04-07T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95861","published_at":"2026-04-08T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95864","published_at":"2026-04-09T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95868","published_at":"2026-04-11T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95869","published_at":"2026-04-13T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95881","published_at":"2026-04-16T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95886","published_at":"2026-04-18T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95888","published_at":"2026-04-21T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.95889","published_at":"2026-04-26T12:55:00Z"},{"value":"0.22756","scoring_system":"epss","scoring_elements":"0.9589","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4543"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4543"},{"reference_url":"http://secunia.com/advisories/42771","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42771"},{"reference_url":"http://secunia.com/advisories/44750","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/44750"},{"reference_url":"http://secunia.com/advisories/48236","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/48236"},{"reference_url":"http://secunia.com/advisories/50737","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50737"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-23.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-23.xml"},{"reference_url":"http://www.debian.org/security/2012/dsa-2426","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2012/dsa-2426"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:103","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:103"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0837.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0837.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0839.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0839.html"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0016","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0016"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497","reference_id":"608497","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=703407","reference_id":"703407","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=703407"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.6.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4543","reference_id":"CVE-2010-4543","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4543"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35162.cob","reference_id":"CVE-2010-4543;OSVDB-70284","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/35162.cob"},{"reference_url":"https://www.securityfocus.com/bid/45647/info","reference_id":"CVE-2010-4543;OSVDB-70284","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/45647/info"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0837","reference_id":"RHSA-2011:0837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0838","reference_id":"RHSA-2011:0838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0838"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0839","reference_id":"RHSA-2011:0839","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0839"},{"reference_url":"https://usn.ubuntu.com/1109-1/","reference_id":"USN-1109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1109-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2010-4543"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-svvz-6tap-wqbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88673?format=json","vulnerability_id":"VCID-teck-svws-tyae","summary":"Gimp image loader multiple input validation flaws","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3741.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3741.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3741","reference_id":"","reference_type":"","scores":[{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82455","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82469","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82486","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82483","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.8251","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82517","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82536","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82532","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01744","scoring_system":"epss","scoring_elements":"0.82527","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01815","scoring_system":"epss","scoring_elements":"0.82884","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01815","scoring_system":"epss","scoring_elements":"0.82883","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01815","scoring_system":"epss","scoring_elements":"0.82885","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01815","scoring_system":"epss","scoring_elements":"0.82907","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01815","scoring_system":"epss","scoring_elements":"0.82916","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01815","scoring_system":"epss","scoring_elements":"0.82921","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01815","scoring_system":"epss","scoring_elements":"0.82941","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3741"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3741","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3741"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=248053","reference_id":"248053","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=248053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0513","reference_id":"RHSA-2007:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0513"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571004?format=json","purl":"pkg:deb/debian/gimp@2.4.7-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5ds4-62sx-xud3"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6uzq-6ejf-kudc"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-tq1x-gwac-6uc9"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-u8j3-25up-5bcb"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.4.7-1"}],"aliases":["CVE-2007-3741"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-teck-svws-tyae"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56765?format=json","vulnerability_id":"VCID-tq1x-gwac-6uc9","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3909.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3909.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3909","reference_id":"","reference_type":"","scores":[{"value":"0.06708","scoring_system":"epss","scoring_elements":"0.91304","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06708","scoring_system":"epss","scoring_elements":"0.91254","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06708","scoring_system":"epss","scoring_elements":"0.91253","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06708","scoring_system":"epss","scoring_elements":"0.91277","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06708","scoring_system":"epss","scoring_elements":"0.91279","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06708","scoring_system":"epss","scoring_elements":"0.91289","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06708","scoring_system":"epss","scoring_elements":"0.91288","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11539","scoring_system":"epss","scoring_elements":"0.9359","published_at":"2026-04-01T12:55:00Z"},{"value":"0.11539","scoring_system":"epss","scoring_elements":"0.93599","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11539","scoring_system":"epss","scoring_elements":"0.93607","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11539","scoring_system":"epss","scoring_elements":"0.93609","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11539","scoring_system":"epss","scoring_elements":"0.93618","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11539","scoring_system":"epss","scoring_elements":"0.93621","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11539","scoring_system":"epss","scoring_elements":"0.93625","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3909"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3909","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3909"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=537370","reference_id":"537370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=537370"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=556750","reference_id":"556750","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=556750"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1181","reference_id":"RHSA-2012:1181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1181"},{"reference_url":"https://usn.ubuntu.com/880-1/","reference_id":"USN-880-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/880-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571005?format=json","purl":"pkg:deb/debian/gimp@2.6.10-1%2Bsqueeze4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.6.10-1%252Bsqueeze4"}],"aliases":["CVE-2009-3909"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tq1x-gwac-6uc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65830?format=json","vulnerability_id":"VCID-tth9-nncy-5qap","summary":"gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14422.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14422.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14422","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30228","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.3019","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30277","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30094","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30154","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.3015","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.301","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30115","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30097","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.30052","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36878","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36762","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36997","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36965","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-14422"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14422","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14422"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424766","reference_id":"2424766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424766"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/4ff2d773d58064e6130495de498e440f4a6d5edb","reference_id":"4ff2d773d58064e6130495de498e440f4a6d5edb","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-01T04:55:23Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/4ff2d773d58064e6130495de498e440f4a6d5edb"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0914","reference_id":"RHSA-2026:0914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1511","reference_id":"RHSA-2026:1511","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1511"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1574","reference_id":"RHSA-2026:1574","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1574"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1584","reference_id":"RHSA-2026:1584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1585","reference_id":"RHSA-2026:1585","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1585"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1586","reference_id":"RHSA-2026:1586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1587","reference_id":"RHSA-2026:1587","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1588","reference_id":"RHSA-2026:1588","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1588"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1589","reference_id":"RHSA-2026:1589","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1589"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1590","reference_id":"RHSA-2026:1590","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1590"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1591","reference_id":"RHSA-2026:1591","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1591"},{"reference_url":"https://usn.ubuntu.com/8075-1/","reference_id":"USN-8075-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8075-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-1136/","reference_id":"ZDI-25-1136","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-01T04:55:23Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-1136/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-14422"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tth9-nncy-5qap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56771?format=json","vulnerability_id":"VCID-u8j3-25up-5bcb","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"http://git.gnome.org/browse/gimp/commit/?id=a9671395f6573e90316a9d748588c5435216f6ce","reference_id":"","reference_type":"","scores":[],"url":"http://git.gnome.org/browse/gimp/commit/?id=a9671395f6573e90316a9d748588c5435216f6ce"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1178.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1178.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1178","reference_id":"","reference_type":"","scores":[{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84533","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84379","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84393","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84414","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84416","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84438","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84443","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84461","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84455","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84451","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84473","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84474","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84476","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84503","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84512","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02208","scoring_system":"epss","scoring_elements":"0.84516","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1178"},{"reference_url":"http://secunia.com/advisories/50737","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50737"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201209-23.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201209-23.xml"},{"reference_url":"http://securitytracker.com/id?1025586","reference_id":"","reference_type":"","scores":[],"url":"http://securitytracker.com/id?1025586"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67787","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/67787"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:110","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2011:110"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0837.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0837.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0838.html"},{"reference_url":"http://www.securityfocus.com/bid/48057","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/48057"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=689831","reference_id":"689831","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=689831"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1178","reference_id":"CVE-2011-1178","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1178"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0837","reference_id":"RHSA-2011:0837","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0837"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0838","reference_id":"RHSA-2011:0838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0838"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571005?format=json","purl":"pkg:deb/debian/gimp@2.6.10-1%2Bsqueeze4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.6.10-1%252Bsqueeze4"}],"aliases":["CVE-2011-1178"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u8j3-25up-5bcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64453?format=json","vulnerability_id":"VCID-ubet-venh-tqct","summary":"gimp: GIMP: Remote Code Execution via uninitialized memory in PGM file parsing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2044.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2044.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2044","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11793","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11764","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11736","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11711","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11573","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11575","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11699","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11658","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11618","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11836","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11624","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11709","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.11775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13483","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.13574","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2044"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2044","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2044"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441521","reference_id":"2441521","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2441521"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2569/diffs?commit_id=112a5e038f0646eae5ae314988ec074433d2b365","reference_id":"diffs?commit_id=112a5e038f0646eae5ae314988ec074433d2b365","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-21T04:56:42Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/merge_requests/2569/diffs?commit_id=112a5e038f0646eae5ae314988ec074433d2b365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4173","reference_id":"RHSA-2026:4173","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4173"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5113","reference_id":"RHSA-2026:5113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5388","reference_id":"RHSA-2026:5388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5389","reference_id":"RHSA-2026:5389","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5389"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5390","reference_id":"RHSA-2026:5390","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5391","reference_id":"RHSA-2026:5391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5434","reference_id":"RHSA-2026:5434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5435","reference_id":"RHSA-2026:5435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5436","reference_id":"RHSA-2026:5436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:5437","reference_id":"RHSA-2026:5437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:5437"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-26-118/","reference_id":"ZDI-26-118","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-21T04:56:42Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-26-118/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2026-2044"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ubet-venh-tqct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64642?format=json","vulnerability_id":"VCID-uujf-3fhp-8fgg","summary":"gimp: GIMP: Memory corruption due to integer overflow in ICO file handling","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2272.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2272.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2272","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.0794","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07972","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24277","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24115","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24129","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24253","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2446","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24243","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24309","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24352","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2437","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24328","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24271","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24288","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24729","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-2272"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2272","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2272"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127842","reference_id":"1127842","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1127842"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/15617","reference_id":"15617","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T13:43:56Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/issues/15617"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2438428","reference_id":"2438428","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T13:43:56Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2438428"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-2272","reference_id":"CVE-2026-2272","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T13:43:56Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-2272"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2026-2272"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uujf-3fhp-8fgg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60883?format=json","vulnerability_id":"VCID-vjn6-7mrr-j7cn","summary":"Multiple vulnerabilities have been discovered in GIMP, allowing for the\n    remote execution of arbitrary code.","references":[{"reference_url":"http://issues.foresightlinux.org/browse/FL-457","reference_id":"","reference_type":"","scores":[],"url":"http://issues.foresightlinux.org/browse/FL-457"},{"reference_url":"http://osvdb.org/37804","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/37804"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2949.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2949.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2949","reference_id":"","reference_type":"","scores":[{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.9704","published_at":"2026-05-05T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.96988","published_at":"2026-04-01T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.96995","published_at":"2026-04-02T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.96999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97001","published_at":"2026-04-07T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97011","published_at":"2026-04-08T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97012","published_at":"2026-04-09T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97014","published_at":"2026-04-11T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97016","published_at":"2026-04-13T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97025","published_at":"2026-04-16T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97029","published_at":"2026-04-18T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97033","published_at":"2026-04-21T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97034","published_at":"2026-04-24T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97036","published_at":"2026-04-26T12:55:00Z"},{"value":"0.34769","scoring_system":"epss","scoring_elements":"0.97037","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2949"},{"reference_url":"http://secunia.com/advisories/25677","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25677"},{"reference_url":"http://secunia.com/advisories/25949","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/25949"},{"reference_url":"http://secunia.com/advisories/26044","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26044"},{"reference_url":"http://secunia.com/advisories/26132","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26132"},{"reference_url":"http://secunia.com/advisories/26215","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26215"},{"reference_url":"http://secunia.com/advisories/26384","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26384"},{"reference_url":"http://secunia.com/advisories/26575","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26575"},{"reference_url":"http://secunia.com/advisories/26939","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/26939"},{"reference_url":"http://secunia.com/advisories/28114","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/28114"},{"reference_url":"http://secunia.com/secunia_research/2007-63/advisory/","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/secunia_research/2007-63/advisory/"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200707-09.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200707-09.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35246","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/35246"},{"reference_url":"https://issues.rpath.com/browse/RPL-1487","reference_id":"","reference_type":"","scores":[],"url":"https://issues.rpath.com/browse/RPL-1487"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11276","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11276"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5772","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5772"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-103170-1"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1","reference_id":"","reference_type":"","scores":[],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-201320-1"},{"reference_url":"http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798","reference_id":"","reference_type":"","scores":[],"url":"http://svn.gnome.org/viewcvs/gimp?view=revision&revision=22798"},{"reference_url":"http://www.debian.org/security/2007/dsa-1335","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2007/dsa-1335"},{"reference_url":"http://www.kb.cert.org/vuls/id/399896","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/399896"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:170","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDKSA-2007:170"},{"reference_url":"http://www.novell.com/linux/security/advisories/2007_15_sr.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.novell.com/linux/security/advisories/2007_15_sr.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2007-0513.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2007-0513.html"},{"reference_url":"http://www.securityfocus.com/bid/24745","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/24745"},{"reference_url":"http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.org/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.360191"},{"reference_url":"http://www.ubuntu.com/usn/usn-480-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/usn-480-1"},{"reference_url":"http://www.vupen.com/english/advisories/2007/2421","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/2421"},{"reference_url":"http://www.vupen.com/english/advisories/2007/4241","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2007/4241"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=244400","reference_id":"244400","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=244400"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2007-2949","reference_id":"CVE-2007-2949","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2007-2949"},{"reference_url":"https://security.gentoo.org/glsa/200707-09","reference_id":"GLSA-200707-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200707-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0513","reference_id":"RHSA-2007:0513","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0513"},{"reference_url":"https://usn.ubuntu.com/480-1/","reference_id":"USN-480-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/480-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571004?format=json","purl":"pkg:deb/debian/gimp@2.4.7-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-23ev-8ph6-qyd8"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-5ds4-62sx-xud3"},{"vulnerability":"VCID-5yx1-7s7z-m3ar"},{"vulnerability":"VCID-6uzq-6ejf-kudc"},{"vulnerability":"VCID-6yt4-22x4-2kdk"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-bq1c-u55x-5beh"},{"vulnerability":"VCID-cdfh-uhac-sbam"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-nb8e-umcc-yudg"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-sn31-adaw-8kbz"},{"vulnerability":"VCID-svvz-6tap-wqbe"},{"vulnerability":"VCID-tq1x-gwac-6uc9"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-u8j3-25up-5bcb"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wbtb-bfgn-4bhq"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-y7a9-2p1n-z7fx"},{"vulnerability":"VCID-ye1p-fndf-h7b9"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.4.7-1"}],"aliases":["CVE-2007-2949"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vjn6-7mrr-j7cn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56773?format=json","vulnerability_id":"VCID-wbtb-bfgn-4bhq","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2763.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2763.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2763","reference_id":"","reference_type":"","scores":[{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99513","published_at":"2026-04-01T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99512","published_at":"2026-04-02T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99514","published_at":"2026-04-07T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99515","published_at":"2026-04-08T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99516","published_at":"2026-04-09T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99517","published_at":"2026-04-13T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99519","published_at":"2026-04-16T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.9952","published_at":"2026-04-18T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99521","published_at":"2026-04-21T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99524","published_at":"2026-04-29T12:55:00Z"},{"value":"0.88834","scoring_system":"epss","scoring_elements":"0.99525","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2763"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2763","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2763"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=824541","reference_id":"824541","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=824541"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18956.c","reference_id":"CVE-2012-2763;OSVDB-82429","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/dos/18956.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18973.rb","reference_id":"CVE-2012-2763;OSVDB-82429","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/18973.rb"},{"reference_url":"http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html","reference_id":"CVE-2012-2763;OSVDB-82429","reference_type":"exploit","scores":[],"url":"http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2012-2763"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wbtb-bfgn-4bhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/70752?format=json","vulnerability_id":"VCID-wj9c-s6kt-tqag","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17785.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17785.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17785","reference_id":"","reference_type":"","scores":[{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58516","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58576","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58666","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.5861","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58624","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58609","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.586","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58622","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58591","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58643","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58649","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58667","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58648","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58628","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.58661","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-17785"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=739133","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=739133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17784"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17785"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17786"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17787"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17789"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2017/12/msg00023.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4077","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4077"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/12/19/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/12/19/5"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529147","reference_id":"1529147","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1529147"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884836","reference_id":"884836","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884836"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:2.8.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17785","reference_id":"CVE-2017-17785","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-17785"},{"reference_url":"https://usn.ubuntu.com/3539-1/","reference_id":"USN-3539-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3539-1/"},{"reference_url":"https://usn.ubuntu.com/8057-1/","reference_id":"USN-8057-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8057-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035811?format=json","purl":"pkg:deb/debian/gimp@2.8.14-1%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.14-1%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037143?format=json","purl":"pkg:deb/debian/gimp@2.8.18-1%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.18-1%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1049282?format=json","purl":"pkg:deb/debian/gimp@2.10.8-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.8-2"}],"aliases":["CVE-2017-17785"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wj9c-s6kt-tqag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56772?format=json","vulnerability_id":"VCID-y7a9-2p1n-z7fx","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2896.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2896","reference_id":"","reference_type":"","scores":[{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.9157","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91578","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91584","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91593","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91606","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91612","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91616","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91618","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91615","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91637","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.9163","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91629","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91636","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91635","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91632","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07216","scoring_system":"epss","scoring_elements":"0.91645","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2896"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2896"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643753","reference_id":"643753","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=727800","reference_id":"727800","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=727800"},{"reference_url":"https://security.gentoo.org/glsa/201209-23","reference_id":"GLSA-201209-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1635","reference_id":"RHSA-2011:1635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1635"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0302","reference_id":"RHSA-2012:0302","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0302"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1180","reference_id":"RHSA-2012:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1180"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1181","reference_id":"RHSA-2012:1181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1181"},{"reference_url":"https://usn.ubuntu.com/1207-1/","reference_id":"USN-1207-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1207-1/"},{"reference_url":"https://usn.ubuntu.com/1214-1/","reference_id":"USN-1214-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1214-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2011-2896"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7a9-2p1n-z7fx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56255?format=json","vulnerability_id":"VCID-ye1p-fndf-h7b9","summary":"Multiple vulnerabilities have been found in GIMP, the worst of\n    which allow execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00020.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00020.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00000.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1180.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1180.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1181.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1181.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3403.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3403.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3403","reference_id":"","reference_type":"","scores":[{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88902","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88805","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88813","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88829","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88832","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88849","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88854","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88866","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88862","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88861","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88874","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88872","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.8887","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88887","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88893","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04289","scoring_system":"epss","scoring_elements":"0.88894","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3403"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3403","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3403"},{"reference_url":"http://secunia.com/advisories/50296","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/50296"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:142","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:142"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:082","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:082"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/08/20/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/08/20/7"},{"reference_url":"http://www.securityfocus.com/bid/55101","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/55101"},{"reference_url":"http://www.securitytracker.com/id?1027411","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1027411"},{"reference_url":"http://www.ubuntu.com/usn/USN-1559-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1559-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685397","reference_id":"685397","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685397"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=839020","reference_id":"839020","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=839020"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3403","reference_id":"CVE-2012-3403","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3403"},{"reference_url":"https://security.gentoo.org/glsa/201311-05","reference_id":"GLSA-201311-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1180","reference_id":"RHSA-2012:1180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1180"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1181","reference_id":"RHSA-2012:1181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1181"},{"reference_url":"https://usn.ubuntu.com/1559-1/","reference_id":"USN-1559-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1559-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571006?format=json","purl":"pkg:deb/debian/gimp@2.8.2-2%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-35p4-a8t3-f3g1"},{"vulnerability":"VCID-4wae-t183-yydb"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-bcwp-42cm-g3et"},{"vulnerability":"VCID-bf8d-qkyh-auds"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-eybg-sjmd-q7a2"},{"vulnerability":"VCID-fta8-9na3-u3hb"},{"vulnerability":"VCID-g7zy-qgvc-cueg"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-hkc8-4uw7-2yc3"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-q23d-29ut-uyhd"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-r1ds-par2-5kb4"},{"vulnerability":"VCID-rgcb-3vf1-23dk"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-s17j-j45c-nqgs"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-wj9c-s6kt-tqag"},{"vulnerability":"VCID-ygcy-xz6u-1qav"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.8.2-2%252Bdeb7u1"}],"aliases":["CVE-2012-3403"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ye1p-fndf-h7b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62049?format=json","vulnerability_id":"VCID-ygcy-xz6u-1qav","summary":"Multiple vulnerabilities have been discovered in GIMP, the worst of which can lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44442.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-44442.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44442","reference_id":"","reference_type":"","scores":[{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98266","published_at":"2026-04-02T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98294","published_at":"2026-05-05T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98279","published_at":"2026-04-13T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98285","published_at":"2026-04-21T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98286","published_at":"2026-04-18T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98288","published_at":"2026-04-24T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98289","published_at":"2026-04-29T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98269","published_at":"2026-04-04T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.9827","published_at":"2026-04-07T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.6033","scoring_system":"epss","scoring_elements":"0.98278","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44442"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44443"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-44444"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984","reference_id":"1055984","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055984"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249942","reference_id":"2249942","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2249942"},{"reference_url":"https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/","reference_id":"gimp-2-10-36-released","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T13:15:13Z/"}],"url":"https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/"},{"reference_url":"https://security.gentoo.org/glsa/202501-02","reference_id":"GLSA-202501-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202501-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0675","reference_id":"RHSA-2024:0675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0702","reference_id":"RHSA-2024:0702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0716","reference_id":"RHSA-2024:0716","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0716"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0861","reference_id":"RHSA-2024:0861","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0862","reference_id":"RHSA-2024:0862","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0863","reference_id":"RHSA-2024:0863","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0863"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1007","reference_id":"RHSA-2024:1007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10666","reference_id":"RHSA-2024:10666","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10666"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1327","reference_id":"RHSA-2024:1327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:0746","reference_id":"RHSA-2025:0746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:0746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3617","reference_id":"RHSA-2025:3617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3629","reference_id":"RHSA-2025:3629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:3629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7417","reference_id":"RHSA-2025:7417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7417"},{"reference_url":"https://usn.ubuntu.com/6521-1/","reference_id":"USN-6521-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6521-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1594/","reference_id":"ZDI-23-1594","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T13:15:13Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1594/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026169?format=json","purl":"pkg:deb/debian/gimp@2.10.22-4%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-1w47-u2aa-8uaj"},{"vulnerability":"VCID-2k57-pmhe-9uds"},{"vulnerability":"VCID-2p8s-2h2y-aqg4"},{"vulnerability":"VCID-2yr2-zppt-47eq"},{"vulnerability":"VCID-3sqk-cbwn-tqa7"},{"vulnerability":"VCID-81y4-4cxp-bybu"},{"vulnerability":"VCID-99yx-7yr3-dfht"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-bhsc-qy1f-27dj"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dav9-9ar6-gkbn"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-dtpr-ndvm-5udg"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gdxp-wy9y-m3h1"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-hrab-t25s-5ybg"},{"vulnerability":"VCID-jy45-8uuz-y7bf"},{"vulnerability":"VCID-krn9-65fh-sqgq"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-qsyr-7tn1-uyhv"},{"vulnerability":"VCID-rraw-1e9t-x3f3"},{"vulnerability":"VCID-tth9-nncy-5qap"},{"vulnerability":"VCID-ubet-venh-tqct"},{"vulnerability":"VCID-uujf-3fhp-8fgg"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"},{"vulnerability":"VCID-z2up-g7ms-gfg2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.22-4%252Bdeb11u2"}],"aliases":["CVE-2023-44442","ZDI-CAN-22094"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ygcy-xz6u-1qav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47242?format=json","vulnerability_id":"VCID-z2up-g7ms-gfg2","summary":"A vulnerability has been discovered in GIMP, which can lead to execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10934.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10934.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10934","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18293","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18241","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.17996","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20804","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21091","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2107","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20942","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20945","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.20913","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21113","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21174","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21184","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21142","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2109","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21081","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10934"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119661","reference_id":"1119661","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119661"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407233","reference_id":"2407233","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2407233"},{"reference_url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/5c3e2122d53869599d77ef0f1bdece117b24fd7c","reference_id":"5c3e2122d53869599d77ef0f1bdece117b24fd7c","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-30T03:56:07Z/"}],"url":"https://gitlab.gnome.org/GNOME/gimp/-/commit/5c3e2122d53869599d77ef0f1bdece117b24fd7c"},{"reference_url":"https://security.gentoo.org/glsa/202601-03","reference_id":"GLSA-202601-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202601-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21968","reference_id":"RHSA-2025:21968","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21968"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22417","reference_id":"RHSA-2025:22417","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22417"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22445","reference_id":"RHSA-2025:22445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22496","reference_id":"RHSA-2025:22496","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22496"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22497","reference_id":"RHSA-2025:22497","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22497"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22498","reference_id":"RHSA-2025:22498","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22866","reference_id":"RHSA-2025:22866","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23857","reference_id":"RHSA-2025:23857","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23857"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0027","reference_id":"RHSA-2026:0027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0250","reference_id":"RHSA-2026:0250","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0356","reference_id":"RHSA-2026:0356","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0356"},{"reference_url":"https://usn.ubuntu.com/8075-1/","reference_id":"USN-8075-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8075-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-25-978/","reference_id":"ZDI-25-978","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-30T03:56:07Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-25-978/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1026170?format=json","purl":"pkg:deb/debian/gimp@2.10.34-1%2Bdeb12u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1hm4-srhz-tqhb"},{"vulnerability":"VCID-9v2z-2myu-bfd3"},{"vulnerability":"VCID-d967-53mv-13b6"},{"vulnerability":"VCID-dkmg-nu4f-xbay"},{"vulnerability":"VCID-fraw-9hj8-vbhs"},{"vulnerability":"VCID-gfzg-1hvp-5ugd"},{"vulnerability":"VCID-hj85-sup9-abft"},{"vulnerability":"VCID-ney7-z8qy-kuce"},{"vulnerability":"VCID-va44-vsem-xuf5"},{"vulnerability":"VCID-wkrp-v537-x3hy"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@2.10.34-1%252Bdeb12u5"}],"aliases":["CVE-2025-10934"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z2up-g7ms-gfg2"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gimp@1.0.2-3"}