{"url":"http://public2.vulnerablecode.io/api/packages/584716?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u4?distro=trixie","type":"deb","namespace":"debian","name":"cups-filters","version":"1.28.7-1+deb11u4","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.28.17-3","latest_non_vulnerable_version":"1.28.17-7","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66476?format=json","vulnerability_id":"VCID-6qd1-jvb8-jqak","summary":"cups: cups-filters: cups-filters: Out-of-bounds write via crafted PDF MediaBox","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64503.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64503.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64503","reference_id":"","reference_type":"","scores":[{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06652","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06645","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06637","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06564","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06556","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06713","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09625","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09704","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09737","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09803","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09798","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09815","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09658","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09726","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09656","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09495","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09582","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14849","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14728","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14819","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14874","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14926","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64503"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120697","reference_id":"1120697","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120697"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120698","reference_id":"1120698","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120698"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414705","reference_id":"2414705","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414705"},{"reference_url":"https://github.com/OpenPrinting/cups-filters/commit/50d94ca0f2fa6177613c97c59791bde568631865","reference_id":"50d94ca0f2fa6177613c97c59791bde568631865","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:56:00Z/"}],"url":"https://github.com/OpenPrinting/cups-filters/commit/50d94ca0f2fa6177613c97c59791bde568631865"},{"reference_url":"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-893j-2wr2-wrh9","reference_id":"GHSA-893j-2wr2-wrh9","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:56:00Z/"}],"url":"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-893j-2wr2-wrh9"},{"reference_url":"https://github.com/OpenPrinting/cups-filters/blob/aea8d0db017e495b0204433ebdb0e86b4871094c/filter/pdftoraster.cxx#L1620","reference_id":"pdftoraster.cxx#L1620","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:56:00Z/"}],"url":"https://github.com/OpenPrinting/cups-filters/blob/aea8d0db017e495b0204433ebdb0e86b4871094c/filter/pdftoraster.cxx#L1620"},{"reference_url":"https://github.com/OpenPrinting/libcupsfilters/blob/1dd86d835b27ed149b66aee1a4853d1db8a1f44c/cupsfilters/pdftoraster.cxx#L1790","reference_id":"pdftoraster.cxx#L1790","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:56:00Z/"}],"url":"https://github.com/OpenPrinting/libcupsfilters/blob/1dd86d835b27ed149b66aee1a4853d1db8a1f44c/cupsfilters/pdftoraster.cxx#L1790"},{"reference_url":"https://github.com/OpenPrinting/cups-filters/blob/aea8d0db017e495b0204433ebdb0e86b4871094c/filter/pdftoraster.cxx#L1880","reference_id":"pdftoraster.cxx#L1880","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-13T16:56:00Z/"}],"url":"https://github.com/OpenPrinting/cups-filters/blob/aea8d0db017e495b0204433ebdb0e86b4871094c/filter/pdftoraster.cxx#L1880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8814","reference_id":"RHSA-2026:8814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8814"},{"reference_url":"https://usn.ubuntu.com/7877-1/","reference_id":"USN-7877-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7877-1/"},{"reference_url":"https://usn.ubuntu.com/7878-1/","reference_id":"USN-7878-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7878-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582542?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584716?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582543?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-3%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582544?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-6%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-6%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582545?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-7%3Fdistro=trixie"}],"aliases":["CVE-2025-64503"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qd1-jvb8-jqak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66479?format=json","vulnerability_id":"VCID-7xq5-z572-xub3","summary":"cups: CUPS-Filters: Information disclosure and data corruption via crafted TIFF image file processing","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57812.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57812.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-57812","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04165","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04148","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04123","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04094","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04102","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04222","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06387","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06619","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06631","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06655","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06654","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06669","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0636","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06607","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0654","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06417","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.064","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15579","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15447","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15534","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15589","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0005","scoring_system":"epss","scoring_elements":"0.15646","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-57812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57812"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120703","reference_id":"1120703","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120703"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120704","reference_id":"1120704","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120704"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414632","reference_id":"2414632","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414632"},{"reference_url":"https://github.com/OpenPrinting/libcupsfilters/commit/b69dfacec7f176281782e2f7ac44f04bf9633cfa","reference_id":"b69dfacec7f176281782e2f7ac44f04bf9633cfa","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T20:46:48Z/"}],"url":"https://github.com/OpenPrinting/libcupsfilters/commit/b69dfacec7f176281782e2f7ac44f04bf9633cfa"},{"reference_url":"https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-jpxg-qc2c-hgv4","reference_id":"GHSA-jpxg-qc2c-hgv4","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T20:46:48Z/"}],"url":"https://github.com/OpenPrinting/libcupsfilters/security/advisories/GHSA-jpxg-qc2c-hgv4"},{"reference_url":"https://github.com/OpenPrinting/libcupsfilters/blob/33421982e10f6a14bc0bab03b80c9cf4660e8d7d/cupsfilters/image-tiff.c#L32","reference_id":"image-tiff.c#L32","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T20:46:48Z/"}],"url":"https://github.com/OpenPrinting/libcupsfilters/blob/33421982e10f6a14bc0bab03b80c9cf4660e8d7d/cupsfilters/image-tiff.c#L32"},{"reference_url":"https://github.com/OpenPrinting/cups-filters/blob/3c58463e341b12c9d30d7d3807d2bac1bc595a78/cupsfilters/image-tiff.c#L34","reference_id":"image-tiff.c#L34","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T20:46:48Z/"}],"url":"https://github.com/OpenPrinting/cups-filters/blob/3c58463e341b12c9d30d7d3807d2bac1bc595a78/cupsfilters/image-tiff.c#L34"},{"reference_url":"https://github.com/OpenPrinting/cups-filters/blob/3c58463e341b12c9d30d7d3807d2bac1bc595a78/filter/imagetoraster.c#L613","reference_id":"imagetoraster.c#L613","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T20:46:48Z/"}],"url":"https://github.com/OpenPrinting/cups-filters/blob/3c58463e341b12c9d30d7d3807d2bac1bc595a78/filter/imagetoraster.c#L613"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8814","reference_id":"RHSA-2026:8814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8814"},{"reference_url":"https://usn.ubuntu.com/7877-1/","reference_id":"USN-7877-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7877-1/"},{"reference_url":"https://usn.ubuntu.com/7878-1/","reference_id":"USN-7878-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7878-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582542?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584716?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582543?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-3%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582544?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-6%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-6%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582545?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-7%3Fdistro=trixie"}],"aliases":["CVE-2025-57812"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7xq5-z572-xub3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66439?format=json","vulnerability_id":"VCID-rcep-az2v-1yab","summary":"cups-filters: cups-filters: Heap buffer overflow in rastertopclx filter may lead arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64524.json","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-64524.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64524","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06315","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06304","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06277","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06259","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06351","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07827","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07533","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07677","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07747","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.0774","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07763","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07809","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.07813","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09821","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09813","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09865","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09873","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09837","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09703","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09791","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09841","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.09742","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-64524"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64524","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-64524"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414780","reference_id":"2414780","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2414780"},{"reference_url":"https://github.com/OpenPrinting/cups-filters/commit/956283c74a34ae924266a2a63f8e5f529a1abd06","reference_id":"956283c74a34ae924266a2a63f8e5f529a1abd06","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-21T16:06:45Z/"}],"url":"https://github.com/OpenPrinting/cups-filters/commit/956283c74a34ae924266a2a63f8e5f529a1abd06"},{"reference_url":"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-rq44-2q5p-x3hv","reference_id":"GHSA-rq44-2q5p-x3hv","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-21T16:06:45Z/"}],"url":"https://github.com/OpenPrinting/cups-filters/security/advisories/GHSA-rq44-2q5p-x3hv"},{"reference_url":"https://usn.ubuntu.com/7878-1/","reference_id":"USN-7878-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7878-1/"},{"reference_url":"https://usn.ubuntu.com/7878-2/","reference_id":"USN-7878-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7878-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582542?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584716?format=json","purl":"pkg:deb/debian/cups-filters@1.28.7-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582543?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-3%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-3%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582544?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-6%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-6%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582545?format=json","purl":"pkg:deb/debian/cups-filters@1.28.17-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.17-7%3Fdistro=trixie"}],"aliases":["CVE-2025-64524"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rcep-az2v-1yab"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cups-filters@1.28.7-1%252Bdeb11u4%3Fdistro=trixie"}