Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/928372?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "libraw", "version": "0.18.11-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "0.18.13-1", "latest_non_vulnerable_version": "0.22.1-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83263?format=api", "vulnerability_id": "VCID-1p46-52y8-kbgb", "summary": "libRaw: infinite loop in the parse_minolta function in dcraw/dcraw.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5813.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5813.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63858", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63816", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63867", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63832", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63897", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63883", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.6377", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.63884", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64105", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64072", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64098", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64152", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.6398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64016", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64028", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64035", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64048", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64045", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64014", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64059", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5813" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609954", "reference_id": "1609954", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1609954" }, { "reference_url": "https://usn.ubuntu.com/3838-1/", "reference_id": "USN-3838-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3838-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928362?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928360?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928364?format=api", "purl": "pkg:deb/debian/libraw@0.21.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928363?format=api", "purl": "pkg:deb/debian/libraw@0.21.5b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112548?format=api", "purl": "pkg:deb/debian/libraw@0.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5813" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1p46-52y8-kbgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83426?format=api", "vulnerability_id": "VCID-cm22-ayty-xqes", "summary": "LibRaw: stack-based buffer overflow in LibRaw::parse_exif() and subsequently execute arbitrary code", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5809.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5809.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5809", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83256", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83287", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83286", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.8331", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83319", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83335", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83329", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83325", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.8336", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83361", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83362", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83385", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83393", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83394", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83418", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83439", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83458", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.8346", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83477", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.01917", "scoring_system": "epss", "scoring_elements": "0.83512", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5809" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5809" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661520", "reference_id": "1661520", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661520" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928362?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928360?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928364?format=api", "purl": "pkg:deb/debian/libraw@0.21.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928363?format=api", "purl": "pkg:deb/debian/libraw@0.21.5b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112548?format=api", "purl": "pkg:deb/debian/libraw@0.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5809" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cm22-ayty-xqes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83424?format=api", "vulnerability_id": "VCID-feqd-qmgg-kyer", "summary": "libRaw: NULL pointer dereference in nikon_coolscan_load_raw in internal/dcraw_common.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5812.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5812.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5812", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.6624", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.6628", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66306", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66276", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66337", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66357", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66344", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66314", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66349", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66365", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.6635", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66372", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66387", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66363", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66408", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66452", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66425", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66446", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00508", "scoring_system": "epss", "scoring_elements": "0.66506", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5812" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610486", "reference_id": "1610486", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610486" }, { "reference_url": "https://usn.ubuntu.com/3838-1/", "reference_id": "USN-3838-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3838-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928362?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928360?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928364?format=api", "purl": "pkg:deb/debian/libraw@0.21.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928363?format=api", "purl": "pkg:deb/debian/libraw@0.21.5b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112548?format=api", "purl": "pkg:deb/debian/libraw@0.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5812" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-feqd-qmgg-kyer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83423?format=api", "vulnerability_id": "VCID-gfwy-pxzr-gqa6", "summary": "LibRaw: out-of-bounds read in nikon_coolscan_load_raw in internal/dcraw_common.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5811.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5811.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5811", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.6617", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66211", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66238", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66208", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66255", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66268", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66289", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66275", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66244", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66279", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66294", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66278", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66302", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66317", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66337", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.6638", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66353", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66374", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00507", "scoring_system": "epss", "scoring_elements": "0.66433", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5811" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5811", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5811" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610483", "reference_id": "1610483", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610483" }, { "reference_url": "https://usn.ubuntu.com/3838-1/", "reference_id": "USN-3838-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3838-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928362?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928360?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928364?format=api", "purl": "pkg:deb/debian/libraw@0.21.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928363?format=api", "purl": "pkg:deb/debian/libraw@0.21.5b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112548?format=api", "purl": "pkg:deb/debian/libraw@0.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5811" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfwy-pxzr-gqa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83421?format=api", "vulnerability_id": "VCID-h8wv-qjp1-abe5", "summary": "LibRaw: out-of-bounds read in samsung_load_raw in internal/dcraw_common.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5807.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5807.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5807", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65024", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65075", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65101", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65065", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65113", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65127", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65146", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65136", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65108", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65145", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65154", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65138", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65167", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65166", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65148", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65195", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.6524", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65209", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65231", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65286", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5807" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610469", "reference_id": "1610469", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610469" }, { "reference_url": "https://usn.ubuntu.com/3838-1/", "reference_id": "USN-3838-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3838-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928362?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928360?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928364?format=api", "purl": "pkg:deb/debian/libraw@0.21.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928363?format=api", "purl": "pkg:deb/debian/libraw@0.21.5b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112548?format=api", "purl": "pkg:deb/debian/libraw@0.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5807" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h8wv-qjp1-abe5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83505?format=api", "vulnerability_id": "VCID-hsza-kpb5-vqb9", "summary": "LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10528.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10528.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10528", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83356", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83609", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83556", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83557", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83573", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83369", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83384", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83408", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83418", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83432", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83427", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83458", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83459", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83482", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83489", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83491", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83515", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0194", "scoring_system": "epss", "scoring_elements": "0.83537", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10528" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10528" }, { "reference_url": "https://github.com/LibRaw/LibRaw/commit/efd8cfabb93fd0396266a7607069901657c082e3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LibRaw/LibRaw/commit/efd8cfabb93fd0396266a7607069901657c082e3" }, { "reference_url": "https://github.com/LibRaw/LibRaw/issues/144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LibRaw/LibRaw/issues/144" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574313", "reference_id": "1574313", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574313" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897185", "reference_id": "897185", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897185" }, { "reference_url": "https://security.archlinux.org/ASA-201805-2", "reference_id": "ASA-201805-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-2" }, { "reference_url": "https://security.archlinux.org/AVG-681", "reference_id": "AVG-681", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-681" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10528", "reference_id": "CVE-2018-10528", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10528" }, { "reference_url": "https://usn.ubuntu.com/3639-1/", "reference_id": "USN-3639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928362?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928360?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928364?format=api", "purl": "pkg:deb/debian/libraw@0.21.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928363?format=api", "purl": "pkg:deb/debian/libraw@0.21.5b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112548?format=api", "purl": "pkg:deb/debian/libraw@0.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-10528" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hsza-kpb5-vqb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83506?format=api", "vulnerability_id": "VCID-m4v4-63we-dqex", "summary": "LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10529.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10529.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10529", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.60973", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61224", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61118", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61177", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61166", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61051", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61079", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61045", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61093", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61109", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.6113", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61116", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61098", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61139", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61145", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61127", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61128", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61121", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00406", "scoring_system": "epss", "scoring_elements": "0.61069", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10529" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10529", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10529" }, { "reference_url": "https://github.com/LibRaw/LibRaw/commit/f0c505a3e5d47989a5f69be2d0d4f250af6b1a6c", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LibRaw/LibRaw/commit/f0c505a3e5d47989a5f69be2d0d4f250af6b1a6c" }, { "reference_url": "https://github.com/LibRaw/LibRaw/issues/144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/LibRaw/LibRaw/issues/144" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574325", "reference_id": "1574325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1574325" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897186", "reference_id": "897186", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897186" }, { "reference_url": "https://security.archlinux.org/ASA-201805-2", "reference_id": "ASA-201805-2", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201805-2" }, { "reference_url": "https://security.archlinux.org/AVG-681", "reference_id": "AVG-681", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-681" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10529", "reference_id": "CVE-2018-10529", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10529" }, { "reference_url": "https://usn.ubuntu.com/3639-1/", "reference_id": "USN-3639-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3639-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928362?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928360?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928364?format=api", "purl": "pkg:deb/debian/libraw@0.21.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928363?format=api", "purl": "pkg:deb/debian/libraw@0.21.5b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112548?format=api", "purl": "pkg:deb/debian/libraw@0.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-10529" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4v4-63we-dqex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83425?format=api", "vulnerability_id": "VCID-n8g7-9k7s-17g3", "summary": "LibRaw: stack-based buffer overflow in find_green() leads to arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5808.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5808.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5808", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84711", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84727", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84746", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84748", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.8477", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84777", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84795", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84791", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84785", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84807", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84808", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84805", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84832", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84842", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84841", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84857", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84882", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.849", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84895", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84911", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.02316", "scoring_system": "epss", "scoring_elements": "0.84943", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5808" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661518", "reference_id": "1661518", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1661518" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928362?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928360?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928364?format=api", "purl": "pkg:deb/debian/libraw@0.21.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928363?format=api", "purl": "pkg:deb/debian/libraw@0.21.5b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112548?format=api", "purl": "pkg:deb/debian/libraw@0.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5808" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n8g7-9k7s-17g3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83422?format=api", "vulnerability_id": "VCID-v4se-wza6-a3dt", "summary": "libRaw: heap-based buffer overflow in rollei_load_raw in internal/dcraw_common.cpp", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5810.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5810.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.65977", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66019", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66047", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66015", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66064", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66077", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66096", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66053", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66088", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66102", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.6609", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66111", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66122", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.6612", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66098", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66143", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66185", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66157", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66179", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66236", "published_at": "2026-05-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5810" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5810", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5810" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610479", "reference_id": "1610479", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1610479" }, { "reference_url": "https://usn.ubuntu.com/3838-1/", "reference_id": "USN-3838-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3838-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/928372?format=api", "purl": "pkg:deb/debian/libraw@0.18.11-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928362?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928360?format=api", "purl": "pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928364?format=api", "purl": "pkg:deb/debian/libraw@0.21.4-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-16gd-uc62-9ufj" }, { "vulnerability": "VCID-6xx8-17hs-dycx" }, { "vulnerability": "VCID-7fkh-bs2q-3kh9" }, { "vulnerability": "VCID-fcxc-babh-jkdy" }, { "vulnerability": "VCID-fhgt-mdjx-3bap" }, { "vulnerability": "VCID-j71m-zp3s-jfhr" }, { "vulnerability": "VCID-jv1c-typs-bfed" }, { "vulnerability": "VCID-sqs3-hagf-xfg9" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/928363?format=api", "purl": "pkg:deb/debian/libraw@0.21.5b-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1112548?format=api", "purl": "pkg:deb/debian/libraw@0.22.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5810" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v4se-wza6-a3dt" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie" }