{"url":"http://public2.vulnerablecode.io/api/packages/925844?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-3?distro=trixie","type":"deb","namespace":"debian","name":"jbig2dec","version":"0.19-3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.20-1","latest_non_vulnerable_version":"0.20-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81638?format=json","vulnerability_id":"VCID-9yxq-n8m8-c7c8","summary":"jbig2dec: heap-based buffer overflow in jbig2_image_compose in jbig2_image.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12268.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12268.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12268","reference_id":"","reference_type":"","scores":[{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74215","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.7422","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74247","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74253","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74267","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74289","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.7427","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74263","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74299","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74309","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.743","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74333","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74342","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74341","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00813","scoring_system":"epss","scoring_elements":"0.74338","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12268"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12268","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12268"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848518","reference_id":"1848518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1848518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2897","reference_id":"RHSA-2020:2897","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2897"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2971","reference_id":"RHSA-2020:2971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2971"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3043","reference_id":"RHSA-2020:3043","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3043"},{"reference_url":"https://usn.ubuntu.com/5405-1/","reference_id":"USN-5405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/925851?format=json","purl":"pkg:deb/debian/jbig2dec@0.18-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.18-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925846?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925844?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925847?format=json","purl":"pkg:deb/debian/jbig2dec@0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.20-1%3Fdistro=trixie"}],"aliases":["CVE-2020-12268"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9yxq-n8m8-c7c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51892?format=json","vulnerability_id":"VCID-apzh-amu6-bue4","summary":"Multiple vulnerabilities have been found in jbig2dec, the worst of\n    which might allow remote attackers to execute arbitrary code.","references":[{"reference_url":"http://git.ghostscript.com/?p=jbig2dec.git%3Ba=commit%3Bh=e698d5c11d27212aa1098bc5b1673a3378563092","reference_id":"","reference_type":"","scores":[],"url":"http://git.ghostscript.com/?p=jbig2dec.git%3Ba=commit%3Bh=e698d5c11d27212aa1098bc5b1673a3378563092"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9601.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9601.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9601","reference_id":"","reference_type":"","scores":[{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63568","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63703","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63694","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63677","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63695","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63708","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63627","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63654","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63613","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63665","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63681","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63696","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0045","scoring_system":"epss","scoring_elements":"0.63684","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9601"},{"reference_url":"https://bugs.ghostscript.com/show_bug.cgi?id=697457","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.ghostscript.com/show_bug.cgi?id=697457"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9601","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-9601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9601"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.debian.org/security/2017/dsa-3817","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-3817"},{"reference_url":"http://www.securityfocus.com/bid/97095","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97095"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410021","reference_id":"1410021","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1410021"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850497","reference_id":"850497","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850497"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:gpl_ghostscript:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:artifex:gpl_ghostscript:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:gpl_ghostscript:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:jbig2dec:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:artifex:jbig2dec:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:jbig2dec:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9601","reference_id":"CVE-2016-9601","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-9601"},{"reference_url":"https://security.gentoo.org/glsa/201706-24","reference_id":"GLSA-201706-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-24"},{"reference_url":"https://usn.ubuntu.com/3297-1/","reference_id":"USN-3297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/925848?format=json","purl":"pkg:deb/debian/jbig2dec@0.13-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.13-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925846?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925844?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925847?format=json","purl":"pkg:deb/debian/jbig2dec@0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.20-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9601"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-apzh-amu6-bue4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60269?format=json","vulnerability_id":"VCID-ehqx-npn9-aqd7","summary":"Multiple integer overflow flaws have been discovered in jbig2dec,\n    possibly resulting in execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7975.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7975","reference_id":"","reference_type":"","scores":[{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.5013","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.5006","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.5019","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50143","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50175","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50203","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50153","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50207","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50201","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50229","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50202","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50191","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50236","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50237","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50211","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50184","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7975"},{"reference_url":"https://bugs.ghostscript.com/show_bug.cgi?id=697693","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.ghostscript.com/show_bug.cgi?id=697693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7976"},{"reference_url":"http://www.debian.org/security/2017/dsa-3855","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3855"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443940","reference_id":"1443940","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443940"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860788","reference_id":"860788","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860788"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:jbig2dec:0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:artifex:jbig2dec:0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:jbig2dec:0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7975","reference_id":"CVE-2017-7975","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7975"},{"reference_url":"https://security.gentoo.org/glsa/201708-10","reference_id":"GLSA-201708-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-10"},{"reference_url":"https://usn.ubuntu.com/3297-1/","reference_id":"USN-3297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/925849?format=json","purl":"pkg:deb/debian/jbig2dec@0.13-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.13-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925846?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925844?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925847?format=json","purl":"pkg:deb/debian/jbig2dec@0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.20-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7975"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ehqx-npn9-aqd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82660?format=json","vulnerability_id":"VCID-fe55-2jfw-7qa4","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8729","reference_id":"","reference_type":"","scores":[{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67331","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67356","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67358","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67226","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67263","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67287","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67265","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67316","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67329","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67349","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67336","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67301","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67348","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67326","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00532","scoring_system":"epss","scoring_elements":"0.67345","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-8729"},{"reference_url":"https://bugs.ghostscript.com/show_bug.cgi?id=697395","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.ghostscript.com/show_bug.cgi?id=697395"},{"reference_url":"https://cgit.ghostscript.com/cgi-bin/cgit.cgi/jbig2dec.git/commit/?id=e698d5c11d27212aa1098bc5b1673a3378563092","reference_id":"","reference_type":"","scores":[],"url":"https://cgit.ghostscript.com/cgi-bin/cgit.cgi/jbig2dec.git/commit/?id=e698d5c11d27212aa1098bc5b1673a3378563092"},{"reference_url":"https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=1a7ef61410884daff8ff8391ddcecc3102acd989","reference_id":"","reference_type":"","scores":[],"url":"https://cgit.ghostscript.com/cgi-bin/cgit.cgi/mupdf.git/commit/?id=1a7ef61410884daff8ff8391ddcecc3102acd989"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9601"},{"reference_url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243","reference_id":"","reference_type":"","scores":[],"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0243"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863886","reference_id":"863886","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863886"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:mupdf:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8729","reference_id":"CVE-2016-8729","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-8729"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/925848?format=json","purl":"pkg:deb/debian/jbig2dec@0.13-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.13-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925846?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925844?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925847?format=json","purl":"pkg:deb/debian/jbig2dec@0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.20-1%3Fdistro=trixie"}],"aliases":["CVE-2016-8729"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fe55-2jfw-7qa4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47315?format=json","vulnerability_id":"VCID-frrd-yd7x-jkdh","summary":"Multiple vulnerabilities have been found in GPL Ghostscript, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0196.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0196.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0196","reference_id":"","reference_type":"","scores":[{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93783","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93792","published_at":"2026-04-02T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93802","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93805","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93814","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93817","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93822","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93845","published_at":"2026-04-16T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.9385","published_at":"2026-04-18T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93852","published_at":"2026-04-21T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93854","published_at":"2026-04-24T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93853","published_at":"2026-04-26T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93851","published_at":"2026-04-29T12:55:00Z"},{"value":"0.12164","scoring_system":"epss","scoring_elements":"0.93859","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0196"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0196"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=493379","reference_id":"493379","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=493379"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524803","reference_id":"524803","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524803"},{"reference_url":"https://security.gentoo.org/glsa/201412-17","reference_id":"GLSA-201412-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0421","reference_id":"RHSA-2009:0421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0421"},{"reference_url":"https://usn.ubuntu.com/757-1/","reference_id":"USN-757-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/757-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/925845?format=json","purl":"pkg:deb/debian/jbig2dec@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925846?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925844?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925847?format=json","purl":"pkg:deb/debian/jbig2dec@0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.20-1%3Fdistro=trixie"}],"aliases":["CVE-2009-0196"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-frrd-yd7x-jkdh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60268?format=json","vulnerability_id":"VCID-jvn8-mhm5-wkdn","summary":"Multiple integer overflow flaws have been discovered in jbig2dec,\n    possibly resulting in execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7885.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7885","reference_id":"","reference_type":"","scores":[{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52059","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52056","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52147","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.5211","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52106","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52133","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52098","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52152","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52148","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52199","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52182","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52167","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52208","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52211","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.52193","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00287","scoring_system":"epss","scoring_elements":"0.5214","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7885"},{"reference_url":"https://bugs.ghostscript.com/show_bug.cgi?id=697703","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.ghostscript.com/show_bug.cgi?id=697703"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7976"},{"reference_url":"http://www.debian.org/security/2017/dsa-3855","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3855"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1444104","reference_id":"1444104","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1444104"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860460","reference_id":"860460","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860460"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:jbig2dec:0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:artifex:jbig2dec:0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:jbig2dec:0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7885","reference_id":"CVE-2017-7885","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7885"},{"reference_url":"https://security.gentoo.org/glsa/201708-10","reference_id":"GLSA-201708-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-10"},{"reference_url":"https://usn.ubuntu.com/3297-1/","reference_id":"USN-3297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/925849?format=json","purl":"pkg:deb/debian/jbig2dec@0.13-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.13-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925846?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925844?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925847?format=json","purl":"pkg:deb/debian/jbig2dec@0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.20-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7885"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvn8-mhm5-wkdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84287?format=json","vulnerability_id":"VCID-mg8u-jvvj-kydu","summary":"jbig2dec: Null pointer dereference in jbig2_huffman_get()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9216.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9216.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9216","reference_id":"","reference_type":"","scores":[{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75638","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75582","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.7562","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75625","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75629","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75495","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75526","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75506","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75548","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75558","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75578","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75557","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75591","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00891","scoring_system":"epss","scoring_elements":"0.75596","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01428","scoring_system":"epss","scoring_elements":"0.80582","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9216"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1456728","reference_id":"1456728","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1456728"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863279","reference_id":"863279","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863279"},{"reference_url":"https://security.archlinux.org/ASA-201711-28","reference_id":"ASA-201711-28","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-28"},{"reference_url":"https://security.archlinux.org/AVG-517","reference_id":"AVG-517","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-517"},{"reference_url":"https://usn.ubuntu.com/5405-1/","reference_id":"USN-5405-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5405-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/925850?format=json","purl":"pkg:deb/debian/jbig2dec@0.13-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.13-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925846?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925844?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925847?format=json","purl":"pkg:deb/debian/jbig2dec@0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.20-1%3Fdistro=trixie"}],"aliases":["CVE-2017-9216"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mg8u-jvvj-kydu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60270?format=json","vulnerability_id":"VCID-yjz6-uc1v-c7ac","summary":"Multiple integer overflow flaws have been discovered in jbig2dec,\n    possibly resulting in execution of arbitrary code or Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7976.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7976.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7976","reference_id":"","reference_type":"","scores":[{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52458","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52463","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52557","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.5252","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52505","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52531","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52498","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52551","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52545","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52596","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.5258","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52565","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52604","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52611","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52597","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52547","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7976"},{"reference_url":"https://bugs.ghostscript.com/show_bug.cgi?id=697683","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.ghostscript.com/show_bug.cgi?id=697683"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7976"},{"reference_url":"http://www.debian.org/security/2017/dsa-3855","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3855"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443897","reference_id":"1443897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443897"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860787","reference_id":"860787","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860787"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:jbig2dec:0.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:artifex:jbig2dec:0.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:artifex:jbig2dec:0.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7976","reference_id":"CVE-2017-7976","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:P"},{"value":"7.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7976"},{"reference_url":"https://security.gentoo.org/glsa/201708-10","reference_id":"GLSA-201708-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201708-10"},{"reference_url":"https://usn.ubuntu.com/3297-1/","reference_id":"USN-3297-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3297-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/925849?format=json","purl":"pkg:deb/debian/jbig2dec@0.13-4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.13-4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925846?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925844?format=json","purl":"pkg:deb/debian/jbig2dec@0.19-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/925847?format=json","purl":"pkg:deb/debian/jbig2dec@0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.20-1%3Fdistro=trixie"}],"aliases":["CVE-2017-7976"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yjz6-uc1v-c7ac"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jbig2dec@0.19-3%3Fdistro=trixie"}