Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/77897?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "type": "ebuild", "namespace": "media-gfx", "name": "imagemagick", "version": "7.1.1.11", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "7.1.1.22", "latest_non_vulnerable_version": "7.1.1.22", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49493?format=api", "vulnerability_id": "VCID-18rv-b2mg-jbex", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20224.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20224.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09616", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09732", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09636", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09707", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09756", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09769", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09736", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09719", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09606", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09578", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09725", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09767", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09734", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09692", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09772", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20224" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124173", "reference_id": "2124173", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124173" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2021-20224" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18rv-b2mg-jbex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49494?format=api", "vulnerability_id": "VCID-3gtv-1gg5-5fh2", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0284.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11331", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1147", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11529", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11314", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11396", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11454", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1146", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11427", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11259", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1126", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11388", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11328", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11286", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11222", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11156", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11287", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-0284" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045943", "reference_id": "2045943", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2045943" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-0284" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3gtv-1gg5-5fh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49496?format=api", "vulnerability_id": "VCID-8bac-p2pq-vkf1", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2719.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2719.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2719", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0719", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07421", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07317", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07283", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07256", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07234", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07212", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07267", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07294", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0729", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07276", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07265", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07196", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2719" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116537", "reference_id": "2116537", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:36:04Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2116537" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-2719" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8bac-p2pq-vkf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49500?format=api", "vulnerability_id": "VCID-agz5-g8mr-e7hn", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29843", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29905", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.30029", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29946", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29981", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29941", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31105", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31026", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.30876", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.30945", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31458", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31421", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31455", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31433", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31402", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3123", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32546" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442", "reference_id": "1016442", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091812", "reference_id": "2091812", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091812" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5534-1/", "reference_id": "USN-5534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5534-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-32546" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agz5-g8mr-e7hn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49502?format=api", "vulnerability_id": "VCID-aqs4-r36j-ffe7", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44267.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44267.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-44267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95762", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.9582", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.9577", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95772", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95781", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95784", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95787", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95789", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95799", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95804", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95805", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95807", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95808", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-44267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44268" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030767", "reference_id": "1030767", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030767" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167593", "reference_id": "2167593", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167593" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/", "reference_id": "AINSUL2QBKETGYRPA7XSCMJWLUB44M6S", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/51256.txt", "reference_id": "CVE-2022-44267", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/51256.txt" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5347", "reference_id": "dsa-5347", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5347" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://imagemagick.org/", "reference_id": "imagemagick.org", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://imagemagick.org/" }, { "reference_url": "https://www.metabaseq.com/imagemagick-zero-days/", "reference_id": "imagemagick-zero-days", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://www.metabaseq.com/imagemagick-zero-days/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html" }, { "reference_url": "https://usn.ubuntu.com/5855-1/", "reference_id": "USN-5855-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-1/" }, { "reference_url": "https://usn.ubuntu.com/5855-2/", "reference_id": "USN-5855-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-2/" }, { "reference_url": "https://usn.ubuntu.com/5855-4/", "reference_id": "USN-5855-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/", "reference_id": "ZZLLS37P67CMBRML6OCG42GPCKGRCJNV", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-44267" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aqs4-r36j-ffe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49509?format=api", "vulnerability_id": "VCID-h6hy-g7da-1yg4", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34153.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34153.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34153", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72155", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72015", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72069", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72053", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72102", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72087", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.7213", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72139", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72133", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72125", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72035", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72011", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.7205", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72062", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00703", "scoring_system": "epss", "scoring_elements": "0.72085", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34153" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210660", "reference_id": "2210660", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210660" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/", "reference_id": "4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4UFQJCYJ23HWHNDOVKBHZQ7HCXXL6MM3/" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/6338", "reference_id": "6338", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/issues/6338" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-34153", "reference_id": "CVE-2023-34153", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-34153" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/", "reference_id": "V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-10T21:02:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2ZUHZXQ2C3JZYKPW4XHCMVVL467MA2V/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2023-34153" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h6hy-g7da-1yg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49503?format=api", "vulnerability_id": "VCID-mmw7-4m3z-2kcn", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44268.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44268.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-44268", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.9951", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99496", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99498", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.995", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99503", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99506", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99507", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99508", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99509", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-44268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44268" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030767", "reference_id": "1030767", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030767" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167594", "reference_id": "2167594", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167594" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/", "reference_id": "AINSUL2QBKETGYRPA7XSCMJWLUB44M6S", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/51261.txt", "reference_id": "CVE-2022-44268", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/51261.txt" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5347", "reference_id": "dsa-5347", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5347" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "http://packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html", "reference_id": "ImageMagick-7.1.0-48-Arbitrary-File-Read.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "http://packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html" }, { "reference_url": "https://imagemagick.org/", "reference_id": "imagemagick.org", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://imagemagick.org/" }, { "reference_url": "https://www.metabaseq.com/imagemagick-zero-days/", "reference_id": "imagemagick-zero-days", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://www.metabaseq.com/imagemagick-zero-days/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html" }, { "reference_url": "https://usn.ubuntu.com/5855-1/", "reference_id": "USN-5855-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-1/" }, { "reference_url": "https://usn.ubuntu.com/5855-2/", "reference_id": "USN-5855-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-2/" }, { "reference_url": "https://usn.ubuntu.com/5855-4/", "reference_id": "USN-5855-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/", "reference_id": "ZZLLS37P67CMBRML6OCG42GPCKGRCJNV", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-44268" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmw7-4m3z-2kcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49495?format=api", "vulnerability_id": "VCID-nvea-drm5-h3au", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1115.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1115.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11975", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12089", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12133", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11936", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12018", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12072", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12042", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12014", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11885", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11882", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12001", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11977", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11948", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11848", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11766", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11901", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067022", "reference_id": "2067022", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067022" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-1115" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nvea-drm5-h3au" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49492?format=api", "vulnerability_id": "VCID-p4yb-mqca-v7c8", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26544", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26594", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26639", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26424", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26493", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26542", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26549", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26503", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26446", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26452", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26423", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26388", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26322", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26316", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26263", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26134", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26201", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054611", "reference_id": "2054611", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054611" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2021-4219" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p4yb-mqca-v7c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49504?format=api", "vulnerability_id": "VCID-pjm4-2g47-4qau", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1906.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1906.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10621", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1061", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10668", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10682", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10651", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10626", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10491", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10509", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10634", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10583", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10581", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10528", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10485", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10674", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10536", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10609", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034373", "reference_id": "1034373", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034373" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185714", "reference_id": "2185714", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185714" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/", "reference_id": "6655G3GPS42WQM32DJHUCZALI2URQSCO", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-1906", "reference_id": "CVE-2023-1906", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-1906" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3", "reference_id": "d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d", "reference_id": "e30c693b37c3b41723f1469d1226a2c814ca443d", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247", "reference_id": "GHSA-35q2-86c7-9247", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2023-1906" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pjm4-2g47-4qau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49508?format=api", "vulnerability_id": "VCID-pk4j-w1q9-vqd2", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34151.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34151.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21249", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2097", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2105", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21121", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21078", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21026", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21016", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21027", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21005", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20878", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2088", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20848", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20741", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20814", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036999", "reference_id": "1036999", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036999" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210657", "reference_id": "2210657", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210657" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-2/", "reference_id": "USN-6200-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-2/" }, { "reference_url": "https://usn.ubuntu.com/7440-1/", "reference_id": "USN-7440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2023-34151" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pk4j-w1q9-vqd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49497?format=api", "vulnerability_id": "VCID-r1uc-e1w7-kyda", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3213.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3213.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3213", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09701", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09753", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09655", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09727", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09776", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09789", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09756", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09741", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09627", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09599", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09744", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09788", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09755", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09713", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09626", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09792", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3213" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021141", "reference_id": "1021141", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021141" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126824", "reference_id": "2126824", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126824" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-3213" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r1uc-e1w7-kyda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49498?format=api", "vulnerability_id": "VCID-rrvd-vd81-sfdm", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28463.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28463.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28463", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32485", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32392", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3242", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32423", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32385", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32358", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32395", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32372", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32344", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32169", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32047", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31963", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.31818", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3189", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28463" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28463" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083056", "reference_id": "2083056", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083056" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5456-1/", "reference_id": "USN-5456-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5456-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-28463" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrvd-vd81-sfdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49506?format=api", "vulnerability_id": "VCID-t38m-c4zf-yqe6", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2157.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-2157.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2157", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11215", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11322", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11262", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11221", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11153", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11084", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11457", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11248", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1133", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11385", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11357", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11328", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11191", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11194", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-2157" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036476", "reference_id": "1036476", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036476" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208537", "reference_id": "2208537", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-07T21:30:33Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208537" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/", "reference_id": "45DUUXYMAEEAW55GSLAXN25VPKCRAIDA", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-07T21:30:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/45DUUXYMAEEAW55GSLAXN25VPKCRAIDA/" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2023-2157" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t38m-c4zf-yqe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49507?format=api", "vulnerability_id": "VCID-v2r8-1wgn-1bgs", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5341.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5341.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09701", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09562", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09656", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09703", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09668", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09628", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.0954", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09525", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09599", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09657", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09626", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.0961", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09501", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09506", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774", "reference_id": "2241774", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-02T20:55:18Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1", "reference_id": "aa673b2e4defc7cad5bec16c4fc8324f71e531f1", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-02T20:55:18Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-5341", "reference_id": "CVE-2023-5341", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-02T20:55:18Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-5341" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/6621-1/", "reference_id": "USN-6621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6621-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2023-5341" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v2r8-1wgn-1bgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49501?format=api", "vulnerability_id": "VCID-vrqg-4fke-mfay", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32547.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32547.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.2846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28502", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28358", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28401", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28362", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28304", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28315", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28248", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28152", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27961", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27799", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27863", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442", "reference_id": "1016442", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091813", "reference_id": "2091813", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091813" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5534-1/", "reference_id": "USN-5534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5534-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-32547" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrqg-4fke-mfay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49499?format=api", "vulnerability_id": "VCID-yspe-wj34-juck", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.2846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28502", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28358", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28401", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28362", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28304", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28315", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28248", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28152", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28039", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27961", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27799", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27863", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32545" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442", "reference_id": "1016442", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091811", "reference_id": "2091811", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091811" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5534-1/", "reference_id": "USN-5534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5534-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77895?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.12.88", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.12.88" }, { "url": "http://public2.vulnerablecode.io/api/packages/77896?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@6.9.13.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@6.9.13.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/77897?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.11", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }, { "url": "http://public2.vulnerablecode.io/api/packages/77898?format=api", "purl": "pkg:ebuild/media-gfx/imagemagick@7.1.1.22", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.22" } ], "aliases": [ "CVE-2022-32545" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yspe-wj34-juck" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/imagemagick@7.1.1.11" }