VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/941070?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/941070?format=api",
    "purl": "pkg:deb/debian/tiff@4.0.6-1?distro=trixie",
    "type": "deb",
    "namespace": "debian",
    "name": "tiff",
    "version": "4.0.6-1",
    "qualifiers": {
        "distro": "trixie"
    },
    "subpath": "",
    "is_vulnerable": false,
    "next_non_vulnerable_version": "4.0.6-2",
    "latest_non_vulnerable_version": "4.7.1-2",
    "affected_by_vulnerabilities": [],
    "fixing_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47125?format=api",
            "vulnerability_id": "VCID-1dhy-s5x3-fuf7",
            "summary": "Multiple vulnerabilities in libTIFF could result in execution of\n    arbitrary code or Denial of Service.",
            "references": [
                {
                    "reference_url": "http://bugzilla.maptools.org/show_bug.cgi?id=2209",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2209"
                },
                {
                    "reference_url": "http://marc.info/?l=oss-security&m=127731610612908&w=2",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://marc.info/?l=oss-security&m=127731610612908&w=2"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2596.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2596.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2596",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77087",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77066",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77057",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76913",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76919",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76949",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76931",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76963",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76974",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77002",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76981",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.76976",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77017",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77019",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77011",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77046",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00999",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77053",
                            "published_at": "2026-04-26T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2596"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=583081",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=583081"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2596",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2596"
                },
                {
                    "reference_url": "http://secunia.com/advisories/40422",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/40422"
                },
                {
                    "reference_url": "http://secunia.com/advisories/50726",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://secunia.com/advisories/50726"
                },
                {
                    "reference_url": "http://security.gentoo.org/glsa/glsa-201209-02.xml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://security.gentoo.org/glsa/glsa-201209-02.xml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=610759",
                    "reference_id": "610759",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=610759"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201611-26",
                    "reference_id": "ASA-201611-26",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201611-26"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201611-27",
                    "reference_id": "ASA-201611-27",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201611-27"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-85",
                    "reference_id": "AVG-85",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Critical",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-85"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-86",
                    "reference_id": "AVG-86",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Critical",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-86"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.9.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.9.2:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:3.9.2:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.9.2:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2596",
                    "reference_id": "CVE-2010-2596",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-2596"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201209-02",
                    "reference_id": "GLSA-201209-02",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201209-02"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2014:0222",
                    "reference_id": "RHSA-2014:0222",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2014:0222"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941070?format=api",
                    "purl": "pkg:deb/debian/tiff@4.0.6-1?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api",
                    "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-1hfc-b4qr-jqgk"
                        },
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-h9ap-xxmw-j7dr"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-vrtj-45t6-cqec"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api",
                    "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-b4hb-cxzy-suck"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"
                }
            ],
            "aliases": [
                "CVE-2010-2596"
            ],
            "risk_score": 4.5,
            "exploitability": "0.5",
            "weighted_severity": "9.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1dhy-s5x3-fuf7"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60982?format=api",
            "vulnerability_id": "VCID-81ew-t25a-f7gq",
            "summary": "Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.",
            "references": [
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8683.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8683.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8683",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43074",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.42913",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43118",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43053",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43055",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.42972",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.42837",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43132",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43159",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43098",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43151",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43163",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43184",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43136",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43196",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00207",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43186",
                            "published_at": "2026-04-18T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8683"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "http://www.debian.org/security/2016/dsa-3467",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2016/dsa-3467"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2015/12/25/1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2015/12/25/1"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2015/12/26/1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2015/12/26/1"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/79718",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/79718"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id/1035508",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id/1035508"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/USN-2939-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/USN-2939-1"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1294427",
                    "reference_id": "1294427",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1294427"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809021",
                    "reference_id": "809021",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809021"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201611-26",
                    "reference_id": "ASA-201611-26",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201611-26"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201611-27",
                    "reference_id": "ASA-201611-27",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201611-27"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-85",
                    "reference_id": "AVG-85",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Critical",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-85"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-86",
                    "reference_id": "AVG-86",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Critical",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-86"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8683",
                    "reference_id": "CVE-2015-8683",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8683"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201701-16",
                    "reference_id": "GLSA-201701-16",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201701-16"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1546",
                    "reference_id": "RHSA-2016:1546",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1546"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1547",
                    "reference_id": "RHSA-2016:1547",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1547"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/2939-1/",
                    "reference_id": "USN-2939-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/2939-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941070?format=api",
                    "purl": "pkg:deb/debian/tiff@4.0.6-1?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api",
                    "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-1hfc-b4qr-jqgk"
                        },
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-h9ap-xxmw-j7dr"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-vrtj-45t6-cqec"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api",
                    "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-b4hb-cxzy-suck"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"
                }
            ],
            "aliases": [
                "CVE-2015-8683"
            ],
            "risk_score": 4.5,
            "exploitability": "0.5",
            "weighted_severity": "9.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81ew-t25a-f7gq"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60986?format=api",
            "vulnerability_id": "VCID-8f48-6u7s-xyht",
            "summary": "Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.",
            "references": [
                {
                    "reference_url": "http://bugzilla.maptools.org/show_bug.cgi?id=2508",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2508"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8784.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8784.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81194",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81365",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81324",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81329",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81346",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81203",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81226",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81254",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81259",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81279",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81265",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81258",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81294",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81296",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81295",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.01522",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81317",
                            "published_at": "2026-04-24T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8784"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://github.com/vadz/libtiff/commit/b18012dae552f85dcc5c57d3bf4e997a15b1cc1c",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/vadz/libtiff/commit/b18012dae552f85dcc5c57d3bf4e997a15b1cc1c"
                },
                {
                    "reference_url": "http://www.debian.org/security/2016/dsa-3467",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2016/dsa-3467"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/24/4",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2016/01/24/4"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/24/8",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2016/01/24/8"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/81696",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/81696"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/USN-2939-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/USN-2939-1"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301652",
                    "reference_id": "1301652",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301652"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8784",
                    "reference_id": "CVE-2015-8784",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8784"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201701-16",
                    "reference_id": "GLSA-201701-16",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201701-16"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1546",
                    "reference_id": "RHSA-2016:1546",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1546"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1547",
                    "reference_id": "RHSA-2016:1547",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1547"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/2939-1/",
                    "reference_id": "USN-2939-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/2939-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941070?format=api",
                    "purl": "pkg:deb/debian/tiff@4.0.6-1?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api",
                    "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-1hfc-b4qr-jqgk"
                        },
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-h9ap-xxmw-j7dr"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-vrtj-45t6-cqec"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api",
                    "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-b4hb-cxzy-suck"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"
                }
            ],
            "aliases": [
                "CVE-2015-8784"
            ],
            "risk_score": 3.0,
            "exploitability": "0.5",
            "weighted_severity": "5.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8f48-6u7s-xyht"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60985?format=api",
            "vulnerability_id": "VCID-8kgw-n4zx-uqa8",
            "summary": "Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.",
            "references": [
                {
                    "reference_url": "http://bugzilla.maptools.org/show_bug.cgi?id=2522",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2522"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8783.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8783.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8783",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70931",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.711",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71079",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71061",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70942",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70959",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70934",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70976",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70992",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71015",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70999",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.70982",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71029",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71036",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00655",
                            "scoring_system": "epss",
                            "scoring_elements": "0.7107",
                            "published_at": "2026-04-24T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8783"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"
                },
                {
                    "reference_url": "http://www.debian.org/security/2016/dsa-3467",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2016/dsa-3467"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/24/3",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2016/01/24/3"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/24/7",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2016/01/24/7"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/81730",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/81730"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/USN-2939-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/USN-2939-1"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301649",
                    "reference_id": "1301649",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301649"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8783",
                    "reference_id": "CVE-2015-8783",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8783"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201701-16",
                    "reference_id": "GLSA-201701-16",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201701-16"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1546",
                    "reference_id": "RHSA-2016:1546",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1546"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1547",
                    "reference_id": "RHSA-2016:1547",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1547"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/2939-1/",
                    "reference_id": "USN-2939-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/2939-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941070?format=api",
                    "purl": "pkg:deb/debian/tiff@4.0.6-1?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api",
                    "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-1hfc-b4qr-jqgk"
                        },
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-h9ap-xxmw-j7dr"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-vrtj-45t6-cqec"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api",
                    "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-b4hb-cxzy-suck"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"
                }
            ],
            "aliases": [
                "CVE-2015-8783"
            ],
            "risk_score": 3.0,
            "exploitability": "0.5",
            "weighted_severity": "5.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8kgw-n4zx-uqa8"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60980?format=api",
            "vulnerability_id": "VCID-gp1w-v49g-j3aw",
            "summary": "Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.",
            "references": [
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8665.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8665.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8665",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43179",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43023",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43223",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43157",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43158",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43078",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.42945",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43235",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43264",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43201",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43253",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43265",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43286",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43238",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43298",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00208",
                            "scoring_system": "epss",
                            "scoring_elements": "0.43287",
                            "published_at": "2026-04-18T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8665"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "http://www.debian.org/security/2016/dsa-3467",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2016/dsa-3467"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2015/12/24/2",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2015/12/24/2"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2015/12/24/4",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2015/12/24/4"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/79728",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/79728"
                },
                {
                    "reference_url": "http://www.securitytracker.com/id/1035508",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securitytracker.com/id/1035508"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/USN-2939-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/USN-2939-1"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1294444",
                    "reference_id": "1294444",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1294444"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808968",
                    "reference_id": "808968",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808968"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201611-26",
                    "reference_id": "ASA-201611-26",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201611-26"
                },
                {
                    "reference_url": "https://security.archlinux.org/ASA-201611-27",
                    "reference_id": "ASA-201611-27",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.archlinux.org/ASA-201611-27"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-85",
                    "reference_id": "AVG-85",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Critical",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-85"
                },
                {
                    "reference_url": "https://security.archlinux.org/AVG-86",
                    "reference_id": "AVG-86",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Critical",
                            "scoring_system": "archlinux",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.archlinux.org/AVG-86"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8665",
                    "reference_id": "CVE-2015-8665",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "5.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8665"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201701-16",
                    "reference_id": "GLSA-201701-16",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201701-16"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1546",
                    "reference_id": "RHSA-2016:1546",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1546"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1547",
                    "reference_id": "RHSA-2016:1547",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1547"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/2939-1/",
                    "reference_id": "USN-2939-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/2939-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941070?format=api",
                    "purl": "pkg:deb/debian/tiff@4.0.6-1?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api",
                    "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-1hfc-b4qr-jqgk"
                        },
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-h9ap-xxmw-j7dr"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-vrtj-45t6-cqec"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api",
                    "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-b4hb-cxzy-suck"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"
                }
            ],
            "aliases": [
                "CVE-2015-8665"
            ],
            "risk_score": 4.5,
            "exploitability": "0.5",
            "weighted_severity": "9.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gp1w-v49g-j3aw"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60983?format=api",
            "vulnerability_id": "VCID-mb38-6e5v-fbah",
            "summary": "Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.",
            "references": [
                {
                    "reference_url": "http://bugzilla.maptools.org/show_bug.cgi?id=2522#c0",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2522#c0"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8781.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8781.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8781",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83955",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8413",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84082",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84086",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84107",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8397",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83985",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.83989",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84012",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84018",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84035",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84029",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84024",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84047",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84049",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8405",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.02089",
                            "scoring_system": "epss",
                            "scoring_elements": "0.84076",
                            "published_at": "2026-04-24T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8781"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "http://www.debian.org/security/2016/dsa-3467",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2016/dsa-3467"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/24/3",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2016/01/24/3"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/24/7",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2016/01/24/7"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/81730",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/81730"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/USN-2939-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/USN-2939-1"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301649",
                    "reference_id": "1301649",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301649"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8781",
                    "reference_id": "CVE-2015-8781",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8781"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201701-16",
                    "reference_id": "GLSA-201701-16",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201701-16"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1546",
                    "reference_id": "RHSA-2016:1546",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1546"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1547",
                    "reference_id": "RHSA-2016:1547",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1547"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/2939-1/",
                    "reference_id": "USN-2939-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/2939-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941070?format=api",
                    "purl": "pkg:deb/debian/tiff@4.0.6-1?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api",
                    "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-1hfc-b4qr-jqgk"
                        },
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-h9ap-xxmw-j7dr"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-vrtj-45t6-cqec"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api",
                    "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-b4hb-cxzy-suck"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"
                }
            ],
            "aliases": [
                "CVE-2015-8781"
            ],
            "risk_score": 3.0,
            "exploitability": "0.5",
            "weighted_severity": "5.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mb38-6e5v-fbah"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60984?format=api",
            "vulnerability_id": "VCID-n614-w2nh-rqbe",
            "summary": "Multiple vulnerabilities have been found in libTIFF, the worst of\n    which may allow execution of arbitrary code.",
            "references": [
                {
                    "reference_url": "http://bugzilla.maptools.org/show_bug.cgi?id=2522",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://bugzilla.maptools.org/show_bug.cgi?id=2522"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html"
                },
                {
                    "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1546.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://rhn.redhat.com/errata/RHSA-2016-1547.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8782.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "3.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8782.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8782",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8139",
                            "published_at": "2026-04-01T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81566",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.8153",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81547",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81399",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81422",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81421",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81449",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81454",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81476",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81463",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81457",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81494",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81495",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81496",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81518",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.01557",
                            "scoring_system": "epss",
                            "scoring_elements": "0.81526",
                            "published_at": "2026-04-26T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8782"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784"
                },
                {
                    "reference_url": "http://www.debian.org/security/2016/dsa-3467",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.debian.org/security/2016/dsa-3467"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/24/3",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2016/01/24/3"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2016/01/24/7",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.openwall.com/lists/oss-security/2016/01/24/7"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
                },
                {
                    "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
                },
                {
                    "reference_url": "http://www.securityfocus.com/bid/81730",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.securityfocus.com/bid/81730"
                },
                {
                    "reference_url": "http://www.ubuntu.com/usn/USN-2939-1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "http://www.ubuntu.com/usn/USN-2939-1"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301649",
                    "reference_id": "1301649",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1301649"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8782",
                    "reference_id": "CVE-2015-8782",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "4.3",
                            "scoring_system": "cvssv2",
                            "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P"
                        },
                        {
                            "value": "6.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8782"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201701-16",
                    "reference_id": "GLSA-201701-16",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201701-16"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1546",
                    "reference_id": "RHSA-2016:1546",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1546"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2016:1547",
                    "reference_id": "RHSA-2016:1547",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2016:1547"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/2939-1/",
                    "reference_id": "USN-2939-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/2939-1/"
                }
            ],
            "fixed_packages": [
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941070?format=api",
                    "purl": "pkg:deb/debian/tiff@4.0.6-1?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api",
                    "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-1hfc-b4qr-jqgk"
                        },
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-h9ap-xxmw-j7dr"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-vrtj-45t6-cqec"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api",
                    "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-38sj-85gt-sfhe"
                        },
                        {
                            "vulnerability": "VCID-4mhv-7vrm-v7hv"
                        },
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-a8jf-xmj8-cuh6"
                        },
                        {
                            "vulnerability": "VCID-b4hb-cxzy-suck"
                        },
                        {
                            "vulnerability": "VCID-d8kh-h6vs-gqd4"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-ndc5-qn5u-3qbq"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-rp7t-x7gz-9udg"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-ukgj-45m7-6uba"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        },
                        {
                            "vulnerability": "VCID-yfxw-tmnn-byc6"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-7zdy-fxq2-p7gf"
                        },
                        {
                            "vulnerability": "VCID-9grz-pkwb-3kc5"
                        },
                        {
                            "vulnerability": "VCID-dg96-zmw1-8kcp"
                        },
                        {
                            "vulnerability": "VCID-r186-xqyn-ffey"
                        },
                        {
                            "vulnerability": "VCID-sqxq-hg7v-d7gv"
                        },
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        },
                        {
                            "vulnerability": "VCID-vju4-pghv-47bx"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie",
                    "is_vulnerable": true,
                    "affected_by_vulnerabilities": [
                        {
                            "vulnerability": "VCID-ttb7-w41r-4kfn"
                        }
                    ],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie"
                },
                {
                    "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api",
                    "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie",
                    "is_vulnerable": false,
                    "affected_by_vulnerabilities": [],
                    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie"
                }
            ],
            "aliases": [
                "CVE-2015-8782"
            ],
            "risk_score": 3.0,
            "exploitability": "0.5",
            "weighted_severity": "5.9",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n614-w2nh-rqbe"
        }
    ],
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie"
}

Package Instance