Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/941125?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/941125?format=api", "purl": "pkg:deb/debian/tiff@4.4.0-6?distro=trixie", "type": "deb", "namespace": "debian", "name": "tiff", "version": "4.4.0-6", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "4.5.0-2", "latest_non_vulnerable_version": "4.7.1-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79411?format=api", "vulnerability_id": "VCID-48tr-y71p-7fbb", "summary": "libtiff: Assertion fail in rotateImage() function at tiffcrop.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2520.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2520.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2520", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17986", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17904", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17866", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18202", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18256", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17957", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18043", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18104", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18113", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.1807", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.1802", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17962", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17973", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18005", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17911", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17887", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17852", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17708", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17802", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/424", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/424" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/378" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670", "reference_id": "1024670", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122792", "reference_id": "2122792", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122792" }, { "reference_url": "https://security.archlinux.org/AVG-2842", "reference_id": "AVG-2842", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2842" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2520", "reference_id": "CVE-2022-2520", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2520" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0095", "reference_id": "RHSA-2023:0095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0302", "reference_id": "RHSA-2023:0302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0302" }, { "reference_url": "https://usn.ubuntu.com/5714-1/", "reference_id": "USN-5714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941121?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hfc-b4qr-jqgk" }, { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-h9ap-xxmw-j7dr" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-vrtj-45t6-cqec" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941125?format=api", "purl": "pkg:deb/debian/tiff@4.4.0-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api", "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-b4hb-cxzy-suck" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api", "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-vju4-pghv-47bx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ttb7-w41r-4kfn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2520" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48tr-y71p-7fbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79410?format=api", "vulnerability_id": "VCID-76g4-kacn-7yg7", "summary": "libtiff: Double free or corruption in rotateImage() function at tiffcrop.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2519.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2519.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2519", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3117", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31076", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.311", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31775", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31638", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31689", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31718", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31722", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31681", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31644", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31678", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31657", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31625", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31448", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31322", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31241", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31089", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31158", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31166", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/423", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/423" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/378" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670", "reference_id": "1024670", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122789", "reference_id": "2122789", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122789" }, { "reference_url": "https://security.archlinux.org/AVG-2842", "reference_id": "AVG-2842", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2842" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2519", "reference_id": "CVE-2022-2519", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0095", "reference_id": "RHSA-2023:0095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0302", "reference_id": "RHSA-2023:0302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0302" }, { "reference_url": "https://usn.ubuntu.com/5714-1/", "reference_id": "USN-5714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941121?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hfc-b4qr-jqgk" }, { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-h9ap-xxmw-j7dr" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-vrtj-45t6-cqec" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941125?format=api", "purl": "pkg:deb/debian/tiff@4.4.0-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api", "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-b4hb-cxzy-suck" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api", "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-vju4-pghv-47bx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ttb7-w41r-4kfn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2519" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76g4-kacn-7yg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79412?format=api", "vulnerability_id": "VCID-ap6w-9c6j-akdp", "summary": "libtiff: Invalid pointer free operation in TIFFClose() at tif_close.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2521.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2521.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2521", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3117", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31076", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.311", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31775", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31638", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31689", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31718", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31722", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31681", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31644", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31678", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31657", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31625", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31448", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31322", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31241", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31089", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31158", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31166", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/422", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/422" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/merge_requests/378" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670", "reference_id": "1024670", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122799", "reference_id": "2122799", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2122799" }, { "reference_url": "https://security.archlinux.org/AVG-2842", "reference_id": "AVG-2842", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2842" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2521", "reference_id": "CVE-2022-2521", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0095", "reference_id": "RHSA-2023:0095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0302", "reference_id": "RHSA-2023:0302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0302" }, { "reference_url": "https://usn.ubuntu.com/5714-1/", "reference_id": "USN-5714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941121?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hfc-b4qr-jqgk" }, { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-h9ap-xxmw-j7dr" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-vrtj-45t6-cqec" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941125?format=api", "purl": "pkg:deb/debian/tiff@4.4.0-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api", "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-b4hb-cxzy-suck" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api", "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-vju4-pghv-47bx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ttb7-w41r-4kfn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2521" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ap6w-9c6j-akdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78885?format=api", "vulnerability_id": "VCID-jdv4-3mf6-93hm", "summary": "libtiff: integer overflow in function TIFFReadRGBATileExt of the file", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3970.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3970.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26891", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26732", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2679", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26798", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.2677", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26847", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28622", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28727", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28688", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.28879", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.28939", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29209", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29096", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0011", "scoring_system": "epss", "scoring_elements": "0.29027", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29854", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29945", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29921", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.2985", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.29871", "published_at": "2026-05-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024737", "reference_id": "1024737", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024737" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148918", "reference_id": "2148918", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2148918" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be", "reference_id": "227500897dfb07fb7d27f7aa570050e62617e3be", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:57:45Z/" } ], "url": "https://gitlab.com/libtiff/libtiff/-/commit/227500897dfb07fb7d27f7aa570050e62617e3be" }, { "reference_url": "https://security.archlinux.org/AVG-2842", "reference_id": "AVG-2842", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2842" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3970", "reference_id": "CVE-2022-3970", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3970" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137", "reference_id": "detail?id=53137", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:57:45Z/" } ], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137" }, { "reference_url": "https://oss-fuzz.com/download?testcase_id=5738253143900160", "reference_id": "download?testcase_id=5738253143900160", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:57:45Z/" } ], "url": "https://oss-fuzz.com/download?testcase_id=5738253143900160" }, { "reference_url": "https://support.apple.com/kb/HT213841", "reference_id": "HT213841", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:57:45Z/" } ], "url": "https://support.apple.com/kb/HT213841" }, { "reference_url": "https://support.apple.com/kb/HT213843", "reference_id": "HT213843", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:57:45Z/" } ], "url": "https://support.apple.com/kb/HT213843" }, { "reference_url": "https://vuldb.com/?id.213549", "reference_id": "?id.213549", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:57:45Z/" } ], "url": "https://vuldb.com/?id.213549" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:57:45Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00018.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20221215-0009/", "reference_id": "ntap-20221215-0009", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T16:57:45Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20221215-0009/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2340", "reference_id": "RHSA-2023:2340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2883", "reference_id": "RHSA-2023:2883", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2883" }, { "reference_url": "https://usn.ubuntu.com/5743-1/", "reference_id": "USN-5743-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5743-1/" }, { "reference_url": "https://usn.ubuntu.com/5743-2/", "reference_id": "USN-5743-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5743-2/" }, { "reference_url": "https://usn.ubuntu.com/5841-1/", "reference_id": "USN-5841-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5841-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941121?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hfc-b4qr-jqgk" }, { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-h9ap-xxmw-j7dr" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-vrtj-45t6-cqec" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941125?format=api", "purl": "pkg:deb/debian/tiff@4.4.0-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api", "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-b4hb-cxzy-suck" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api", "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-vju4-pghv-47bx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ttb7-w41r-4kfn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3970" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jdv4-3mf6-93hm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79107?format=api", "vulnerability_id": "VCID-tfyj-y9q3-t3ar", "summary": "libtiff: tiffcrop: heap-buffer-overflow in extractImageSection in tiffcrop.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2953.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2953.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04592", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04542", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04582", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04584", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04585", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04318", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04351", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04359", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04346", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04325", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04297", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04305", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04434", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0445", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0447", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0451", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04512", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0764", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07683", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1622" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1623" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2056" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2057" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2521" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34526" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3570" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4645" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48281" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/commit/48d6ece8389b01129e7d357f0985c8f938ce3da3", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/commit/48d6ece8389b01129e7d357f0985c8f938ce3da3" }, { "reference_url": "https://gitlab.com/libtiff/libtiff/-/issues/414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.com/libtiff/libtiff/-/issues/414" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670", "reference_id": "1024670", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024670" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134432", "reference_id": "2134432", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2134432" }, { "reference_url": "https://security.archlinux.org/AVG-2842", "reference_id": "AVG-2842", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2842" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2953", "reference_id": "CVE-2022-2953", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2953" }, { "reference_url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2953.json", "reference_id": "CVE-2022-2953.JSON", "reference_type": "", "scores": [], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2953.json" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0095", "reference_id": "RHSA-2023:0095", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0302", "reference_id": "RHSA-2023:0302", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0302" }, { "reference_url": "https://usn.ubuntu.com/5714-1/", "reference_id": "USN-5714-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5714-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/941121?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941049?format=api", "purl": "pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1hfc-b4qr-jqgk" }, { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-h9ap-xxmw-j7dr" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-vrtj-45t6-cqec" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941125?format=api", "purl": "pkg:deb/debian/tiff@4.4.0-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941047?format=api", "purl": "pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-38sj-85gt-sfhe" }, { "vulnerability": "VCID-4mhv-7vrm-v7hv" }, { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-a8jf-xmj8-cuh6" }, { "vulnerability": "VCID-b4hb-cxzy-suck" }, { "vulnerability": "VCID-d8kh-h6vs-gqd4" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-ndc5-qn5u-3qbq" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-rp7t-x7gz-9udg" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-ukgj-45m7-6uba" }, { "vulnerability": "VCID-vju4-pghv-47bx" }, { "vulnerability": "VCID-yfxw-tmnn-byc6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941051?format=api", "purl": "pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-7zdy-fxq2-p7gf" }, { "vulnerability": "VCID-9grz-pkwb-3kc5" }, { "vulnerability": "VCID-dg96-zmw1-8kcp" }, { "vulnerability": "VCID-r186-xqyn-ffey" }, { "vulnerability": "VCID-sqxq-hg7v-d7gv" }, { "vulnerability": "VCID-ttb7-w41r-4kfn" }, { "vulnerability": "VCID-vju4-pghv-47bx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/941050?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ttb7-w41r-4kfn" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1000494?format=api", "purl": "pkg:deb/debian/tiff@4.7.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2953" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tfyj-y9q3-t3ar" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.4.0-6%3Fdistro=trixie" }