{"url":"http://public2.vulnerablecode.io/api/packages/92835?format=json","purl":"pkg:deb/debian/discount@2.2.7-2.1?distro=trixie","type":"deb","namespace":"debian","name":"discount","version":"2.2.7-2.1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66040?format=json","vulnerability_id":"VCID-12b6-1fsf-3ug7","summary":"The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12495.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12495.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12495","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67908","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67947","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67955","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67945","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67932","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12495"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1592866","reference_id":"1592866","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1592866"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901912","reference_id":"901912","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901912"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92833?format=json","purl":"pkg:deb/debian/discount@2.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92834?format=json","purl":"pkg:deb/debian/discount@2.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92832?format=json","purl":"pkg:deb/debian/discount@2.2.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92835?format=json","purl":"pkg:deb/debian/discount@2.2.7-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.7-2.1%3Fdistro=trixie"}],"aliases":["CVE-2018-12495"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-12b6-1fsf-3ug7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66038?format=json","vulnerability_id":"VCID-1v5k-4qzq-gqbx","summary":"The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11503.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11503.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11503","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67908","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67947","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67955","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67945","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67932","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12495"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583001","reference_id":"1583001","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583001"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901912","reference_id":"901912","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901912"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92833?format=json","purl":"pkg:deb/debian/discount@2.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92834?format=json","purl":"pkg:deb/debian/discount@2.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92832?format=json","purl":"pkg:deb/debian/discount@2.2.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92835?format=json","purl":"pkg:deb/debian/discount@2.2.7-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.7-2.1%3Fdistro=trixie"}],"aliases":["CVE-2018-11503"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1v5k-4qzq-gqbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66039?format=json","vulnerability_id":"VCID-23ag-qb7q-x3am","summary":"The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11504.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11504.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11504","reference_id":"","reference_type":"","scores":[{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.4753","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47595","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47597","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47579","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47549","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00241","scoring_system":"epss","scoring_elements":"0.47563","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12495"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583005","reference_id":"1583005","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1583005"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901912","reference_id":"901912","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901912"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92833?format=json","purl":"pkg:deb/debian/discount@2.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92834?format=json","purl":"pkg:deb/debian/discount@2.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92832?format=json","purl":"pkg:deb/debian/discount@2.2.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92835?format=json","purl":"pkg:deb/debian/discount@2.2.7-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.7-2.1%3Fdistro=trixie"}],"aliases":["CVE-2018-11504"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-23ag-qb7q-x3am"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66037?format=json","vulnerability_id":"VCID-69zb-vtg6-2yef","summary":"The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11468.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11468.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11468","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66986","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67027","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67036","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6702","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67004","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.67021","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11468","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11468"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11503","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11503"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11504","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11504"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12495"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1582640","reference_id":"1582640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1582640"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901912","reference_id":"901912","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901912"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92833?format=json","purl":"pkg:deb/debian/discount@2.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92834?format=json","purl":"pkg:deb/debian/discount@2.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92832?format=json","purl":"pkg:deb/debian/discount@2.2.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92835?format=json","purl":"pkg:deb/debian/discount@2.2.7-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.7-2.1%3Fdistro=trixie"}],"aliases":["CVE-2018-11468"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69zb-vtg6-2yef"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/discount@2.2.7-2.1%3Fdistro=trixie"}