{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","type":"deb","namespace":"debian","name":"gtk+2.0","version":"2.24.33-2+deb11u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.24.33-2+deb12u1","latest_non_vulnerable_version":"2.24.33-10","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/64957?format=json","vulnerability_id":"VCID-2a7t-f7pj-abh9","summary":"GTK+ 3.10.9 and earlier, as used in cinnamon-screensaver, gnome-screensaver, and other applications, allows physically proximate attackers to bypass the lock screen by pressing the menu button.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1949","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11429","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11515","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11512","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11479","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11398","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1141","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1949"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738828","reference_id":"738828","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738828"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98113?format=json","purl":"pkg:deb/debian/gtk%2B2.0@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2014-1949"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2a7t-f7pj-abh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69842?format=json","vulnerability_id":"VCID-3g3h-e1td-mkad","summary":"io-xpm.c in the gdk-pixbuf XPM image rendering library in GTK+ before 2.8.7 allows attackers to cause a denial of service (infinite loop) via a crafted XPM image with a large number of colors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2975.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2975.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2975","reference_id":"","reference_type":"","scores":[{"value":"0.1189","scoring_system":"epss","scoring_elements":"0.93874","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1189","scoring_system":"epss","scoring_elements":"0.93884","published_at":"2026-06-07T12:55:00Z"},{"value":"0.1189","scoring_system":"epss","scoring_elements":"0.93883","published_at":"2026-06-06T12:55:00Z"},{"value":"0.1189","scoring_system":"epss","scoring_elements":"0.93882","published_at":"2026-06-08T12:55:00Z"},{"value":"0.1189","scoring_system":"epss","scoring_elements":"0.93887","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2975"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617771","reference_id":"1617771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617771"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339431","reference_id":"339431","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339431"},{"reference_url":"https://security.gentoo.org/glsa/200511-14","reference_id":"GLSA-200511-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200511-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:810","reference_id":"RHSA-2005:810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:811","reference_id":"RHSA-2005:811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:811"},{"reference_url":"https://usn.ubuntu.com/216-1/","reference_id":"USN-216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/216-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98111?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.6.10-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.6.10-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2005-2975"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3g3h-e1td-mkad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69856?format=json","vulnerability_id":"VCID-3yaa-xt8h-cycb","summary":"io-tga.c in gdk-pixbuf before 2.32.0 uses heap memory after its allocation failed, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) and possibly execute arbitrary code via a crafted Truevision TGA (TARGA) file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7673.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7673.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7673","reference_id":"","reference_type":"","scores":[{"value":"0.02374","scoring_system":"epss","scoring_elements":"0.85255","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02374","scoring_system":"epss","scoring_elements":"0.85279","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02374","scoring_system":"epss","scoring_elements":"0.85285","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02374","scoring_system":"epss","scoring_elements":"0.85267","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02374","scoring_system":"epss","scoring_elements":"0.8528","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7673"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7673","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7673"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7674"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1261836","reference_id":"1261836","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1261836"},{"reference_url":"https://security.gentoo.org/glsa/201512-05","reference_id":"GLSA-201512-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-05"},{"reference_url":"https://usn.ubuntu.com/2767-1/","reference_id":"USN-2767-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2767-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98116?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.21.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.21.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2015-7673"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3yaa-xt8h-cycb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71990?format=json","vulnerability_id":"VCID-416z-bz82-ybdg","summary":"Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 allows local users to execute arbitrary code via a Trojan horse GTK module in an unspecified \"relative search path.\"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0848","reference_id":"","reference_type":"","scores":[{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40573","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40652","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40656","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40629","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40599","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00189","scoring_system":"epss","scoring_elements":"0.40612","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0848"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98113?format=json","purl":"pkg:deb/debian/gtk%2B2.0@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2009-0848"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-416z-bz82-ybdg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69840?format=json","vulnerability_id":"VCID-418g-5k4q-zqah","summary":"Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0788.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0788.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0788","reference_id":"","reference_type":"","scores":[{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94351","published_at":"2026-06-04T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.9436","published_at":"2026-06-05T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94361","published_at":"2026-06-06T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94362","published_at":"2026-06-08T12:55:00Z"},{"value":"0.13522","scoring_system":"epss","scoring_elements":"0.94367","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0788"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0788"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617290","reference_id":"1617290","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617290"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:447","reference_id":"RHSA-2004:447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:466","reference_id":"RHSA-2004:466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98106?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.4.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.4.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2004-0788"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-418g-5k4q-zqah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71989?format=json","vulnerability_id":"VCID-4bhz-zvee-53dg","summary":"The GdkPixbufLoader function in GIMP ToolKit (GTK+) in GTK 2 (gtk2) before 2.4.13 allows context-dependent attackers to cause a denial of service (crash) via a malformed image file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0010.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0010.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0010","reference_id":"","reference_type":"","scores":[{"value":"0.0093","scoring_system":"epss","scoring_elements":"0.76477","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0093","scoring_system":"epss","scoring_elements":"0.76505","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01173","scoring_system":"epss","scoring_elements":"0.79061","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01173","scoring_system":"epss","scoring_elements":"0.79051","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01173","scoring_system":"epss","scoring_elements":"0.79039","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01173","scoring_system":"epss","scoring_elements":"0.79057","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0010"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618260","reference_id":"1618260","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1618260"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/29520.txt","reference_id":"CVE-2007-0010;OSVDB-31621","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/29520.txt"},{"reference_url":"https://www.securityfocus.com/bid/22209/info","reference_id":"CVE-2007-0010;OSVDB-31621","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/22209/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0019","reference_id":"RHSA-2007:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0019"},{"reference_url":"https://usn.ubuntu.com/415-1/","reference_id":"USN-415-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/415-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98112?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.8.20-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.8.20-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2007-0010"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4bhz-zvee-53dg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71996?format=json","vulnerability_id":"VCID-h8je-bxv2-guam","summary":"A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6655.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6655.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6655","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.1625","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16357","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16355","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16313","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16231","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-6655"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6655","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6655"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.openwall.com/lists/oss-security/2024/09/09/1","reference_id":"1","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-16T18:07:04Z/"}],"url":"https://www.openwall.com/lists/oss-security/2024/09/09/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297098","reference_id":"2297098","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-16T18:07:04Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2297098"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-6655","reference_id":"CVE-2024-6655","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-16T18:07:04Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-6655"},{"reference_url":"https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/7361/diffs?commit_id=3bbf0b6176d42836d23c36a6ac410e807ec0a7a7#diff-content-e3fbe6480add9420b69f82374fb26ccac2c015a0","reference_id":"diffs?commit_id=3bbf0b6176d42836d23c36a6ac410e807ec0a7a7#diff-content-e3fbe6480add9420b69f82374fb26ccac2c015a0","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-16T18:07:04Z/"}],"url":"https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/7361/diffs?commit_id=3bbf0b6176d42836d23c36a6ac410e807ec0a7a7#diff-content-e3fbe6480add9420b69f82374fb26ccac2c015a0"},{"reference_url":"https://security.gentoo.org/glsa/202506-05","reference_id":"GLSA-202506-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:6963","reference_id":"RHSA-2024:6963","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-16T18:07:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:6963"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9184","reference_id":"RHSA-2024:9184","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-16T18:07:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9184"},{"reference_url":"https://usn.ubuntu.com/6899-1/","reference_id":"USN-6899-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6899-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98117?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2024-6655"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h8je-bxv2-guam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69839?format=json","vulnerability_id":"VCID-hs4e-6xvn-sbb6","summary":"Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based buffer overflow.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0687).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0782.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0782.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0782","reference_id":"","reference_type":"","scores":[{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.9684","published_at":"2026-06-04T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.96845","published_at":"2026-06-05T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.96849","published_at":"2026-06-08T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.9685","published_at":"2026-06-07T12:55:00Z"},{"value":"0.31086","scoring_system":"epss","scoring_elements":"0.96854","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0782"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0782"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617283","reference_id":"1617283","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617283"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:447","reference_id":"RHSA-2004:447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:466","reference_id":"RHSA-2004:466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98106?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.4.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.4.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2004-0782"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hs4e-6xvn-sbb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69841?format=json","vulnerability_id":"VCID-jx5x-gyv8-wkhm","summary":"Double free vulnerability in gtk 2 (gtk2) before 2.2.4 allows remote attackers to cause a denial of service (crash) via a crafted BMP image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0891.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0891","reference_id":"","reference_type":"","scores":[{"value":"0.02026","scoring_system":"epss","scoring_elements":"0.84101","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02026","scoring_system":"epss","scoring_elements":"0.84123","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02026","scoring_system":"epss","scoring_elements":"0.84126","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02026","scoring_system":"epss","scoring_elements":"0.84122","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02026","scoring_system":"epss","scoring_elements":"0.84111","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02026","scoring_system":"epss","scoring_elements":"0.84124","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0891"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617587","reference_id":"1617587","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:343","reference_id":"RHSA-2005:343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:344","reference_id":"RHSA-2005:344","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:344"},{"reference_url":"https://usn.ubuntu.com/108-1/","reference_id":"USN-108-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/108-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98110?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.6.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.6.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2005-0891"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jx5x-gyv8-wkhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71991?format=json","vulnerability_id":"VCID-kd8u-szc8-6kc9","summary":"gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0732.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0732.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0732","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12748","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12831","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12836","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12797","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12713","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12742","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0732"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0732","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0732"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=565527","reference_id":"565527","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=565527"},{"reference_url":"https://security.gentoo.org/glsa/201412-08","reference_id":"GLSA-201412-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98114?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.18.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.18.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2010-0732"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kd8u-szc8-6kc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71993?format=json","vulnerability_id":"VCID-nh68-vj8v-fucb","summary":"Untrusted search path vulnerability in modules/engines/ms-windows/xp_theme.c in GTK+ before 2.24.0 allows local users to gain privileges via a Trojan horse uxtheme.dll file in the current working directory, a different vulnerability than CVE-2010-4831.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4833","reference_id":"","reference_type":"","scores":[{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67056","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67097","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67105","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67089","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67072","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00517","scoring_system":"epss","scoring_elements":"0.67088","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4833"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98113?format=json","purl":"pkg:deb/debian/gtk%2B2.0@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2010-4833"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nh68-vj8v-fucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69843?format=json","vulnerability_id":"VCID-pkjt-anyv-hkfc","summary":"Integer overflow in io-xpm.c in gdk-pixbuf 0.22.0 in GTK+ before 2.8.7 allows attackers to cause a denial of service (crash) or execute arbitrary code via an XPM file with large height, width, and colour values, a different vulnerability than CVE-2005-3186.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2976.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2976.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2976","reference_id":"","reference_type":"","scores":[{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.82733","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.82758","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.82757","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.82755","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.82748","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01719","scoring_system":"epss","scoring_elements":"0.8276","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617772","reference_id":"1617772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617772"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339431","reference_id":"339431","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339431"},{"reference_url":"https://security.gentoo.org/glsa/200511-14","reference_id":"GLSA-200511-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200511-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:810","reference_id":"RHSA-2005:810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:810"},{"reference_url":"https://usn.ubuntu.com/216-1/","reference_id":"USN-216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/216-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98111?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.6.10-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.6.10-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2005-2976"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pkjt-anyv-hkfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2949?format=json","vulnerability_id":"VCID-qtnf-u4kt-ybav","summary":"Security researcher Gustavo Grieco reported a heap overflow\nin gdk-pixbuf affecting Linux systems using Gnome. This issue is\ntriggered by the scaling of a malformed bitmap format image and results in a\npotentially exploitable crash.\nThis issue only affects Linux systems running Gnome. Windows and\nOS X operating systems are unaffected.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4491.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4491.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4491","reference_id":"","reference_type":"","scores":[{"value":"0.03692","scoring_system":"epss","scoring_elements":"0.8817","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03692","scoring_system":"epss","scoring_elements":"0.88149","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03692","scoring_system":"epss","scoring_elements":"0.88172","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03692","scoring_system":"epss","scoring_elements":"0.88187","published_at":"2026-06-09T12:55:00Z"},{"value":"0.03692","scoring_system":"epss","scoring_elements":"0.88173","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4491"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252290","reference_id":"1252290","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252290"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491","reference_id":"CVE-2015-4491","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4491"},{"reference_url":"https://security.gentoo.org/glsa/201512-05","reference_id":"GLSA-201512-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-05"},{"reference_url":"https://security.gentoo.org/glsa/201605-06","reference_id":"GLSA-201605-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-06"},{"reference_url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-88","reference_id":"mfsa2015-88","reference_type":"","scores":[{"value":"high","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mozilla.org/en-US/security/advisories/mfsa2015-88"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1586","reference_id":"RHSA-2015:1586","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1586"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1682","reference_id":"RHSA-2015:1682","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1682"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1694","reference_id":"RHSA-2015:1694","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1694"},{"reference_url":"https://usn.ubuntu.com/2702-1/","reference_id":"USN-2702-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2702-1/"},{"reference_url":"https://usn.ubuntu.com/2712-1/","reference_id":"USN-2712-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2712-1/"},{"reference_url":"https://usn.ubuntu.com/2722-1/","reference_id":"USN-2722-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2722-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98116?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.21.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.21.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2015-4491"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qtnf-u4kt-ybav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71992?format=json","vulnerability_id":"VCID-tzmx-8pkc-dyee","summary":"Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows local users to gain privileges via a Trojan horse Wintab32.dll file in the current working directory.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4831","reference_id":"","reference_type":"","scores":[{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30769","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30842","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30808","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30774","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30743","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.3076","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4831"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98113?format=json","purl":"pkg:deb/debian/gtk%2B2.0@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2010-4831"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzmx-8pkc-dyee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71994?format=json","vulnerability_id":"VCID-u2vf-5ns6-gfdn","summary":"Integer overflow in the gdk_cairo_set_source_pixbuf function in gdk/gdkcairo.c in GTK+ before 3.9.8, as used in eom, gnome-photos, eog, gambas3, thunar, pinpoint, and possibly other applications, allows remote attackers to cause a denial of service (crash) via a large image file, which triggers a large memory allocation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7447.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7447.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7447","reference_id":"","reference_type":"","scores":[{"value":"0.04428","scoring_system":"epss","scoring_elements":"0.89222","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04428","scoring_system":"epss","scoring_elements":"0.89239","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04428","scoring_system":"epss","scoring_elements":"0.8924","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04428","scoring_system":"epss","scoring_elements":"0.89256","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7447"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7447","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7447"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1306681","reference_id":"1306681","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1306681"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799275","reference_id":"799275","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=799275"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818090","reference_id":"818090","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=818090"},{"reference_url":"https://usn.ubuntu.com/2898-1/","reference_id":"USN-2898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2898-1/"},{"reference_url":"https://usn.ubuntu.com/2898-2/","reference_id":"USN-2898-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2898-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98115?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.30-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.30-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2013-7447"],"risk_score":1.1,"exploitability":"0.5","weighted_severity":"2.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u2vf-5ns6-gfdn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69844?format=json","vulnerability_id":"VCID-uq15-6b83-vya1","summary":"Integer overflow in the GTK+ gdk-pixbuf XPM image rendering library in GTK+ 2.4.0 allows attackers to execute arbitrary code via an XPM file with a number of colors that causes insufficient memory to be allocated, which leads to a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3186.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3186.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3186","reference_id":"","reference_type":"","scores":[{"value":"0.02224","scoring_system":"epss","scoring_elements":"0.84817","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02224","scoring_system":"epss","scoring_elements":"0.8484","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02224","scoring_system":"epss","scoring_elements":"0.84844","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02224","scoring_system":"epss","scoring_elements":"0.84839","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02224","scoring_system":"epss","scoring_elements":"0.84828","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02224","scoring_system":"epss","scoring_elements":"0.84842","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-3186"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617795","reference_id":"1617795","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617795"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339431","reference_id":"339431","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=339431"},{"reference_url":"https://security.gentoo.org/glsa/200511-14","reference_id":"GLSA-200511-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200511-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:810","reference_id":"RHSA-2005:810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:811","reference_id":"RHSA-2005:811","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:811"},{"reference_url":"https://usn.ubuntu.com/216-1/","reference_id":"USN-216-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/216-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98111?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.6.10-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.6.10-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2005-3186"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uq15-6b83-vya1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71987?format=json","vulnerability_id":"VCID-uqwx-c1a6-33dx","summary":"Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string.  NOTE: this identifier is ONLY for gtk+.  It was incorrectly referenced in an advisory for a different issue (CVE-2004-0688).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0783.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0783","reference_id":"","reference_type":"","scores":[{"value":"0.28699","scoring_system":"epss","scoring_elements":"0.9663","published_at":"2026-06-04T12:55:00Z"},{"value":"0.28699","scoring_system":"epss","scoring_elements":"0.96633","published_at":"2026-06-05T12:55:00Z"},{"value":"0.28699","scoring_system":"epss","scoring_elements":"0.96638","published_at":"2026-06-08T12:55:00Z"},{"value":"0.28699","scoring_system":"epss","scoring_elements":"0.96643","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0783"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617284","reference_id":"1617284","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:447","reference_id":"RHSA-2004:447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:466","reference_id":"RHSA-2004:466","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:466"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98106?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.4.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.4.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2004-0783"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqwx-c1a6-33dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69858?format=json","vulnerability_id":"VCID-y52c-a5zt-r7hu","summary":"Integer overflow in the pixops_scale_nearest function in pixops/pixops.c in gdk-pixbuf before 2.32.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted GIF image file, which triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7674.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7674.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7674","reference_id":"","reference_type":"","scores":[{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.77097","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.77128","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.77138","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.77127","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.77117","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00979","scoring_system":"epss","scoring_elements":"0.77139","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7674"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7673","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7673"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7674","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7674"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1268249","reference_id":"1268249","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1268249"},{"reference_url":"https://security.gentoo.org/glsa/201512-05","reference_id":"GLSA-201512-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201512-05"},{"reference_url":"https://usn.ubuntu.com/2767-1/","reference_id":"USN-2767-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2767-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98116?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.21.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.21.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98107?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98105?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98109?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98108?format=json","purl":"pkg:deb/debian/gtk%2B2.0@2.24.33-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-10%3Fdistro=trixie"}],"aliases":["CVE-2015-7674"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y52c-a5zt-r7hu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gtk%252B2.0@2.24.33-2%252Bdeb11u1%3Fdistro=trixie"}