{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","type":"deb","namespace":"debian","name":"libraw","version":"0.18.11-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.18.13-1","latest_non_vulnerable_version":"0.22.1-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83263?format=json","vulnerability_id":"VCID-1p46-52y8-kbgb","summary":"libRaw: infinite loop in the parse_minolta function in dcraw/dcraw.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5813.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5813.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5813","reference_id":"","reference_type":"","scores":[{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63867","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63884","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63897","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63883","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.6377","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63832","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63816","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63858","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64105","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64072","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64098","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64152","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64159","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64174","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.6398","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64016","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64028","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64035","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64048","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64045","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64014","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00458","scoring_system":"epss","scoring_elements":"0.64059","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5813"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5813"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609954","reference_id":"1609954","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1609954"},{"reference_url":"https://usn.ubuntu.com/3838-1/","reference_id":"USN-3838-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3838-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928362?format=json","purl":"pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928360?format=json","purl":"pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928364?format=json","purl":"pkg:deb/debian/libraw@0.21.4-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928363?format=json","purl":"pkg:deb/debian/libraw@0.21.5b-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112548?format=json","purl":"pkg:deb/debian/libraw@0.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5813"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1p46-52y8-kbgb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83426?format=json","vulnerability_id":"VCID-cm22-ayty-xqes","summary":"LibRaw: stack-based buffer overflow in LibRaw::parse_exif() and subsequently execute arbitrary code","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5809.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5809","reference_id":"","reference_type":"","scores":[{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83256","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83272","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83287","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83286","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.8331","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83319","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83335","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83329","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83325","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.8336","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83361","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83362","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83385","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83393","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83394","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83418","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83439","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83458","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.8346","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83477","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83512","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83523","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01917","scoring_system":"epss","scoring_elements":"0.83525","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5809"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661520","reference_id":"1661520","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661520"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928362?format=json","purl":"pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928360?format=json","purl":"pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928364?format=json","purl":"pkg:deb/debian/libraw@0.21.4-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928363?format=json","purl":"pkg:deb/debian/libraw@0.21.5b-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112548?format=json","purl":"pkg:deb/debian/libraw@0.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5809"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cm22-ayty-xqes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83424?format=json","vulnerability_id":"VCID-feqd-qmgg-kyer","summary":"libRaw: NULL pointer dereference in nikon_coolscan_load_raw in internal/dcraw_common.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5812.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5812.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5812","reference_id":"","reference_type":"","scores":[{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.6624","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.6628","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66306","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66276","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66324","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66337","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66357","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66344","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66314","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66349","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66365","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.6635","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66372","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66387","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66363","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66408","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66452","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66425","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66446","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66506","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66516","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00508","scoring_system":"epss","scoring_elements":"0.66528","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5812"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5812","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5812"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610486","reference_id":"1610486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610486"},{"reference_url":"https://usn.ubuntu.com/3838-1/","reference_id":"USN-3838-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3838-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928362?format=json","purl":"pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928360?format=json","purl":"pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928364?format=json","purl":"pkg:deb/debian/libraw@0.21.4-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928363?format=json","purl":"pkg:deb/debian/libraw@0.21.5b-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112548?format=json","purl":"pkg:deb/debian/libraw@0.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5812"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-feqd-qmgg-kyer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83423?format=json","vulnerability_id":"VCID-gfwy-pxzr-gqa6","summary":"LibRaw: out-of-bounds read in nikon_coolscan_load_raw in internal/dcraw_common.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5811.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5811.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5811","reference_id":"","reference_type":"","scores":[{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.6617","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66211","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66238","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66208","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66255","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66268","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66289","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66275","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66244","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66279","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66294","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66278","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66302","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66317","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66337","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.6638","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66353","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66374","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66433","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66443","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00507","scoring_system":"epss","scoring_elements":"0.66454","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5811"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5811","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5811"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610483","reference_id":"1610483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610483"},{"reference_url":"https://usn.ubuntu.com/3838-1/","reference_id":"USN-3838-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3838-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928362?format=json","purl":"pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928360?format=json","purl":"pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928364?format=json","purl":"pkg:deb/debian/libraw@0.21.4-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928363?format=json","purl":"pkg:deb/debian/libraw@0.21.5b-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112548?format=json","purl":"pkg:deb/debian/libraw@0.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5811"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gfwy-pxzr-gqa6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83421?format=json","vulnerability_id":"VCID-h8wv-qjp1-abe5","summary":"LibRaw: out-of-bounds read in samsung_load_raw in internal/dcraw_common.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5807.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5807","reference_id":"","reference_type":"","scores":[{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65024","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65075","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65101","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65065","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65113","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65127","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65146","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65108","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65145","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65154","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65138","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65167","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65166","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65148","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65195","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.6524","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65209","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65231","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65286","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65296","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00481","scoring_system":"epss","scoring_elements":"0.65309","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5807"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610469","reference_id":"1610469","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610469"},{"reference_url":"https://usn.ubuntu.com/3838-1/","reference_id":"USN-3838-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3838-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928362?format=json","purl":"pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928360?format=json","purl":"pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928364?format=json","purl":"pkg:deb/debian/libraw@0.21.4-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928363?format=json","purl":"pkg:deb/debian/libraw@0.21.5b-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112548?format=json","purl":"pkg:deb/debian/libraw@0.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5807"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h8wv-qjp1-abe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83505?format=json","vulnerability_id":"VCID-hsza-kpb5-vqb9","summary":"LibRaw: Stack-based buffer overflow in libraw_cxx.cpp:utf2char() allows for potential code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10528.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10528.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10528","reference_id":"","reference_type":"","scores":[{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83356","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83622","published_at":"2026-05-16T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83573","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83609","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.8362","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83369","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83384","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83408","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83418","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83432","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83427","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83458","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83459","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83482","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83489","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83491","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83515","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83537","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83556","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0194","scoring_system":"epss","scoring_elements":"0.83557","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10528"},{"reference_url":"https://github.com/LibRaw/LibRaw/commit/efd8cfabb93fd0396266a7607069901657c082e3","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/LibRaw/LibRaw/commit/efd8cfabb93fd0396266a7607069901657c082e3"},{"reference_url":"https://github.com/LibRaw/LibRaw/issues/144","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/LibRaw/LibRaw/issues/144"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1574313","reference_id":"1574313","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1574313"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897185","reference_id":"897185","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897185"},{"reference_url":"https://security.archlinux.org/ASA-201805-2","reference_id":"ASA-201805-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-2"},{"reference_url":"https://security.archlinux.org/AVG-681","reference_id":"AVG-681","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-681"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10528","reference_id":"CVE-2018-10528","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10528"},{"reference_url":"https://usn.ubuntu.com/3639-1/","reference_id":"USN-3639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928362?format=json","purl":"pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928360?format=json","purl":"pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928364?format=json","purl":"pkg:deb/debian/libraw@0.21.4-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928363?format=json","purl":"pkg:deb/debian/libraw@0.21.5b-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112548?format=json","purl":"pkg:deb/debian/libraw@0.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-10528"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hsza-kpb5-vqb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83506?format=json","vulnerability_id":"VCID-m4v4-63we-dqex","summary":"LibRaw: Out-of-bounds read in X3F property table list functionality in libraw_x3f.cpp and libraw_cxx.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10529.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10529","reference_id":"","reference_type":"","scores":[{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.60973","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61253","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61166","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61224","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.6124","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61051","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61079","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61045","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61093","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61109","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.6113","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61116","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61098","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61139","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61145","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61127","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61128","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61121","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61069","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61118","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00406","scoring_system":"epss","scoring_elements":"0.61177","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10529"},{"reference_url":"https://github.com/LibRaw/LibRaw/commit/f0c505a3e5d47989a5f69be2d0d4f250af6b1a6c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/LibRaw/LibRaw/commit/f0c505a3e5d47989a5f69be2d0d4f250af6b1a6c"},{"reference_url":"https://github.com/LibRaw/LibRaw/issues/144","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/LibRaw/LibRaw/issues/144"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1574325","reference_id":"1574325","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1574325"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897186","reference_id":"897186","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=897186"},{"reference_url":"https://security.archlinux.org/ASA-201805-2","reference_id":"ASA-201805-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201805-2"},{"reference_url":"https://security.archlinux.org/AVG-681","reference_id":"AVG-681","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-681"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libraw:libraw:0.18.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10529","reference_id":"CVE-2018-10529","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-10529"},{"reference_url":"https://usn.ubuntu.com/3639-1/","reference_id":"USN-3639-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3639-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928362?format=json","purl":"pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928360?format=json","purl":"pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928364?format=json","purl":"pkg:deb/debian/libraw@0.21.4-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928363?format=json","purl":"pkg:deb/debian/libraw@0.21.5b-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112548?format=json","purl":"pkg:deb/debian/libraw@0.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-10529"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m4v4-63we-dqex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83425?format=json","vulnerability_id":"VCID-n8g7-9k7s-17g3","summary":"LibRaw: stack-based buffer overflow in find_green() leads to arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5808.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5808","reference_id":"","reference_type":"","scores":[{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84711","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84727","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84746","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84748","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.8477","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84777","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84795","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84791","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84785","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84807","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84808","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84805","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84832","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84842","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84841","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84857","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84882","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.849","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84895","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84911","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84943","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84953","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02316","scoring_system":"epss","scoring_elements":"0.84956","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5808"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661518","reference_id":"1661518","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1661518"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928362?format=json","purl":"pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928360?format=json","purl":"pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928364?format=json","purl":"pkg:deb/debian/libraw@0.21.4-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928363?format=json","purl":"pkg:deb/debian/libraw@0.21.5b-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112548?format=json","purl":"pkg:deb/debian/libraw@0.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5808"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n8g7-9k7s-17g3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83422?format=json","vulnerability_id":"VCID-v4se-wza6-a3dt","summary":"libRaw: heap-based buffer overflow in rollei_load_raw in internal/dcraw_common.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5810.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5810","reference_id":"","reference_type":"","scores":[{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.65977","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66047","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66015","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66064","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66077","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66096","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66083","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66053","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66088","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66102","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6609","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66111","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66122","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.6612","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66098","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66143","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66185","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66157","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66179","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66236","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66246","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00502","scoring_system":"epss","scoring_elements":"0.66259","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610479","reference_id":"1610479","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1610479"},{"reference_url":"https://usn.ubuntu.com/3838-1/","reference_id":"USN-3838-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3838-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/928372?format=json","purl":"pkg:deb/debian/libraw@0.18.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928362?format=json","purl":"pkg:deb/debian/libraw@0.20.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928360?format=json","purl":"pkg:deb/debian/libraw@0.20.2-2.1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.20.2-2.1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928364?format=json","purl":"pkg:deb/debian/libraw@0.21.4-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-16gd-uc62-9ufj"},{"vulnerability":"VCID-6xx8-17hs-dycx"},{"vulnerability":"VCID-7fkh-bs2q-3kh9"},{"vulnerability":"VCID-fcxc-babh-jkdy"},{"vulnerability":"VCID-fhgt-mdjx-3bap"},{"vulnerability":"VCID-j71m-zp3s-jfhr"},{"vulnerability":"VCID-jv1c-typs-bfed"},{"vulnerability":"VCID-sqs3-hagf-xfg9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/928363?format=json","purl":"pkg:deb/debian/libraw@0.21.5b-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.21.5b-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112548?format=json","purl":"pkg:deb/debian/libraw@0.22.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.22.1-1%3Fdistro=trixie"}],"aliases":["CVE-2018-5810"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v4se-wza6-a3dt"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libraw@0.18.11-1%3Fdistro=trixie"}