{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","type":"ebuild","namespace":"media-video","name":"ffmpeg","version":"4.2.0","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.2.4","latest_non_vulnerable_version":"6.0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56088?format=json","vulnerability_id":"VCID-2zp5-1mhj-xba8","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10001","reference_id":"","reference_type":"","scores":[{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76626","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.7663","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76658","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.7664","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76672","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76683","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.7671","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.7669","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76682","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76729","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76718","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.7675","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76756","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76768","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00975","scoring_system":"epss","scoring_elements":"0.76788","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}],"aliases":["CVE-2018-10001"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2zp5-1mhj-xba8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56091?format=json","vulnerability_id":"VCID-3frq-jdkb-gbe3","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7751","reference_id":"","reference_type":"","scores":[{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77818","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77788","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77632","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77639","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77666","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77649","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77677","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77682","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77692","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77691","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77728","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77727","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.7772","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77751","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.7776","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01066","scoring_system":"epss","scoring_elements":"0.77776","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7751"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7751","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7751"},{"reference_url":"https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/a6cba062051f345e8ebfdff34aba071ed73d923f","reference_id":"","reference_type":"","scores":[],"url":"https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/a6cba062051f345e8ebfdff34aba071ed73d923f"},{"reference_url":"http://www.securityfocus.com/bid/103956","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/103956"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7751","reference_id":"CVE-2018-7751","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7751"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}],"aliases":["CVE-2018-7751"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3frq-jdkb-gbe3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56092?format=json","vulnerability_id":"VCID-9w52-r33d-aygp","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9841","reference_id":"","reference_type":"","scores":[{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68121","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68143","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68161","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68139","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.6819","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68205","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.6823","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68217","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68183","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68221","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68232","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68213","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68255","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68263","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68267","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68241","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68286","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-9841"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}],"aliases":["CVE-2018-9841"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9w52-r33d-aygp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56096?format=json","vulnerability_id":"VCID-a1vj-7z31-fff2","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17542","reference_id":"","reference_type":"","scores":[{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74389","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74362","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.7436","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74237","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74242","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74268","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74274","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74289","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.7431","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74291","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74283","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.7432","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74329","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74322","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74355","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00815","scoring_system":"epss","scoring_elements":"0.74363","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17542"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15919","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20448","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20448"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20902"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00003.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/12/msg00003.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00022.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00022.html"},{"reference_url":"https://www.debian.org/security/2020/dsa-4722","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4722"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17542","reference_id":"CVE-2019-17542","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17542"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"},{"reference_url":"https://usn.ubuntu.com/4431-1/","reference_id":"USN-4431-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4431-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}],"aliases":["CVE-2019-17542"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a1vj-7z31-fff2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47375?format=json","vulnerability_id":"VCID-e57q-2f8h-1yee","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which could result in the arbitrary execution of code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13312","reference_id":"","reference_type":"","scores":[{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68737","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68656","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68704","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.6871","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68716","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00571","scoring_system":"epss","scoring_elements":"0.68695","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68981","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68966","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.6887","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68979","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68988","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68937","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68887","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68909","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68889","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.6894","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.68958","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13312"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"},{"reference_url":"https://security.gentoo.org/glsa/202007-58","reference_id":"GLSA-202007-58","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-58"},{"reference_url":"https://usn.ubuntu.com/4431-1/","reference_id":"USN-4431-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4431-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/77070?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.4"}],"aliases":["CVE-2019-13312"],"risk_score":1.0,"exploitability":"0.5","weighted_severity":"2.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e57q-2f8h-1yee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56094?format=json","vulnerability_id":"VCID-eyf7-r7m9-jfhm","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13390","reference_id":"","reference_type":"","scores":[{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64889","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64936","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.649","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64913","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64909","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65355","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65374","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65251","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65334","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65369","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65381","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65365","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65362","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65301","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65327","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65292","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00485","scoring_system":"epss","scoring_elements":"0.65344","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20448","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20448"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20902"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932535","reference_id":"932535","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932535"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"},{"reference_url":"https://usn.ubuntu.com/4431-1/","reference_id":"USN-4431-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4431-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}],"aliases":["CVE-2019-13390"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyf7-r7m9-jfhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56090?format=json","vulnerability_id":"VCID-gztp-4964-3fe2","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7557","reference_id":"","reference_type":"","scores":[{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77648","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77655","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77683","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77666","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77693","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77699","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77725","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77709","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77708","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77745","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77744","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77737","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77769","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77778","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77794","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77805","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01067","scoring_system":"epss","scoring_elements":"0.77836","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}],"aliases":["CVE-2018-7557"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gztp-4964-3fe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56095?format=json","vulnerability_id":"VCID-h9pf-cucf-tqe6","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17539","reference_id":"","reference_type":"","scores":[{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71402","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.7138","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71365","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71235","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71244","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71262","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71237","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71278","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71292","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71314","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71299","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71283","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71329","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71335","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71369","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00668","scoring_system":"epss","scoring_elements":"0.71376","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-17539"},{"reference_url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15733","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15733"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13390","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13390"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17542","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17542"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20448","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20448"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-20902"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670c"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00026.html"},{"reference_url":"https://www.debian.org/security/2020/dsa-4722","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2020/dsa-4722"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ffmpeg:ffmpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17539","reference_id":"CVE-2019-17539","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-17539"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"},{"reference_url":"https://usn.ubuntu.com/4431-1/","reference_id":"USN-4431-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4431-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}],"aliases":["CVE-2019-17539"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h9pf-cucf-tqe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56093?format=json","vulnerability_id":"VCID-ua27-1zcs-xffy","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12730","reference_id":"","reference_type":"","scores":[{"value":"0.01609","scoring_system":"epss","scoring_elements":"0.81869","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01609","scoring_system":"epss","scoring_elements":"0.81847","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82091","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82087","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82113","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.8212","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82139","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82058","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82122","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82159","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82163","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82185","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82196","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.82199","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.8213","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01671","scoring_system":"epss","scoring_elements":"0.8207","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11338","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11338"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12730","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12730"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9718","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9718"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932469","reference_id":"932469","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932469"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"},{"reference_url":"https://usn.ubuntu.com/4431-1/","reference_id":"USN-4431-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4431-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}],"aliases":["CVE-2019-12730"],"risk_score":1.0,"exploitability":"0.5","weighted_severity":"2.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ua27-1zcs-xffy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56089?format=json","vulnerability_id":"VCID-ymxh-d75c-xyec","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6912","reference_id":"","reference_type":"","scores":[{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71911","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71919","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71938","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71914","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71953","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71965","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71989","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71973","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71956","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.71996","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.72004","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.72033","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.7204","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.72035","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.72028","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00698","scoring_system":"epss","scoring_elements":"0.72061","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6912"},{"reference_url":"https://security.gentoo.org/glsa/202003-65","reference_id":"GLSA-202003-65","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-65"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82869?format=json","purl":"pkg:ebuild/media-video/ffmpeg@4.2.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}],"aliases":["CVE-2018-6912"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ymxh-d75c-xyec"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-video/ffmpeg@4.2.0"}