{"url":"http://public2.vulnerablecode.io/api/packages/950411?format=json","purl":"pkg:apk/alpine/gd@2.2.5-r2?arch=ppc64le&distroversion=v3.13&reponame=main","type":"apk","namespace":"alpine","name":"gd","version":"2.2.5-r2","qualifiers":{"arch":"ppc64le","distroversion":"v3.13","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.3.0-r0","latest_non_vulnerable_version":"2.3.0-r1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61526?format=json","vulnerability_id":"VCID-3v99-kbeq-47d8","summary":"Multiple vulnerabilities have been found in GD, the worst of which\n    could result in the remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5711.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5711.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5711","reference_id":"","reference_type":"","scores":[{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.91953","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.92001","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.92002","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.92006","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.91961","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.91969","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.91975","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.91988","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.91991","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.91994","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.91993","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.9199","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.92008","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07835","scoring_system":"epss","scoring_elements":"0.92005","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-5711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11142","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11142"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11143","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11143"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11144","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11144"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12932","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12932"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12934","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12934"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535246","reference_id":"1535246","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887485","reference_id":"887485","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887485"},{"reference_url":"https://security.archlinux.org/AVG-865","reference_id":"AVG-865","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-865"},{"reference_url":"https://security.gentoo.org/glsa/201903-18","reference_id":"GLSA-201903-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1296","reference_id":"RHSA-2018:1296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://usn.ubuntu.com/3755-1/","reference_id":"USN-3755-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3755-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/950411?format=json","purl":"pkg:apk/alpine/gd@2.2.5-r2?arch=ppc64le&distroversion=v3.13&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/gd@2.2.5-r2%3Farch=ppc64le&distroversion=v3.13&reponame=main"}],"aliases":["CVE-2018-5711"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3v99-kbeq-47d8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61527?format=json","vulnerability_id":"VCID-6xda-97rd-9bam","summary":"Multiple vulnerabilities have been found in GD, the worst of which\n    could result in the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html"},{"reference_url":"http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/152459/PHP-7.2-imagecolormatch-Out-Of-Band-Heap-Write.html"},{"reference_url":"http://php.net/ChangeLog-5.php","reference_id":"","reference_type":"","scores":[],"url":"http://php.net/ChangeLog-5.php"},{"reference_url":"http://php.net/ChangeLog-7.php","reference_id":"","reference_type":"","scores":[],"url":"http://php.net/ChangeLog-7.php"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6977","reference_id":"","reference_type":"","scores":[{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99399","published_at":"2026-04-02T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.9941","published_at":"2026-04-26T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99405","published_at":"2026-04-13T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99408","published_at":"2026-04-21T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99407","published_at":"2026-04-18T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99409","published_at":"2026-04-29T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.994","published_at":"2026-04-04T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99402","published_at":"2026-04-08T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99403","published_at":"2026-04-09T12:55:00Z"},{"value":"0.863","scoring_system":"epss","scoring_elements":"0.99404","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6977"},{"reference_url":"https://bugs.php.net/bug.php?id=77270","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.php.net/bug.php?id=77270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190315-0003/","reference_id":"","reference_type":"","scores":[],"url":"https://security.netapp.com/advisory/ntap-20190315-0003/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4384","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4384"},{"reference_url":"https://www.exploit-db.com/exploits/46677/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/46677/"},{"reference_url":"http://www.securityfocus.com/bid/106731","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/106731"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672207","reference_id":"1672207","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1672207"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645","reference_id":"920645","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645"},{"reference_url":"https://security.archlinux.org/AVG-865","reference_id":"AVG-865","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-865"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:netapp:storage_automation_store:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:storage_automation_store:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:php:php:7.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:php:php:7.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php","reference_id":"CVE-2019-6977","reference_type":"exploit","scores":[],"url":"https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php","reference_id":"CVE-2019-6977","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6977","reference_id":"CVE-2019-6977","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6977"},{"reference_url":"https://security.gentoo.org/glsa/201903-18","reference_id":"GLSA-201903-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2519","reference_id":"RHSA-2019:2519","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2519"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3299","reference_id":"RHSA-2019:3299","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3299"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4659","reference_id":"RHSA-2020:4659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4659"},{"reference_url":"https://usn.ubuntu.com/3900-1/","reference_id":"USN-3900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3900-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/950411?format=json","purl":"pkg:apk/alpine/gd@2.2.5-r2?arch=ppc64le&distroversion=v3.13&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/gd@2.2.5-r2%3Farch=ppc64le&distroversion=v3.13&reponame=main"}],"aliases":["CVE-2019-6977"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xda-97rd-9bam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/61528?format=json","vulnerability_id":"VCID-x635-b1cj-m7d7","summary":"Multiple vulnerabilities have been found in GD, the worst of which\n    could result in the remote execution of arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00025.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00031.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6978.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6978.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6978","reference_id":"","reference_type":"","scores":[{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.8545","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.8548","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85483","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85503","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85526","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85525","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85521","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85545","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.8555","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02564","scoring_system":"epss","scoring_elements":"0.85463","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03442","scoring_system":"epss","scoring_elements":"0.8752","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03442","scoring_system":"epss","scoring_elements":"0.87527","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03442","scoring_system":"epss","scoring_elements":"0.87526","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03442","scoring_system":"epss","scoring_elements":"0.87504","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6978"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0"},{"reference_url":"https://github.com/libgd/libgd/issues/492","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libgd/libgd/issues/492"},{"reference_url":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/php/php-src/commit/089f7c0bc28d399b0420aa6ef058e4c1c120b2ae"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CZ2QADQTKRHTGB2AHD7J4QQNDLBEMM6/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3WRUPZVT2MWFUEMVGTRAGDOBHLNMGK5R/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TEYUUOW75YD3DENIPYMO263E6NL2NFHI/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TTXSLRZI5BCQT3H5KALG3DHUWUMNPDX2/"},{"reference_url":"https://www.debian.org/security/2019/dsa-4384","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4384"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1671390","reference_id":"1671390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1671390"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920728","reference_id":"920728","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920728"},{"reference_url":"https://security.archlinux.org/AVG-865","reference_id":"AVG-865","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-865"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libgd:libgd:2.2.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6978","reference_id":"CVE-2019-6978","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6978"},{"reference_url":"https://security.gentoo.org/glsa/201903-18","reference_id":"GLSA-201903-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201903-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2722","reference_id":"RHSA-2019:2722","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3943","reference_id":"RHSA-2020:3943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:4659","reference_id":"RHSA-2020:4659","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:4659"},{"reference_url":"https://usn.ubuntu.com/3900-1/","reference_id":"USN-3900-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3900-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/950411?format=json","purl":"pkg:apk/alpine/gd@2.2.5-r2?arch=ppc64le&distroversion=v3.13&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/gd@2.2.5-r2%3Farch=ppc64le&distroversion=v3.13&reponame=main"}],"aliases":["CVE-2019-6978"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x635-b1cj-m7d7"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/gd@2.2.5-r2%3Farch=ppc64le&distroversion=v3.13&reponame=main"}