{"url":"http://public2.vulnerablecode.io/api/packages/994480?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4","type":"deb","namespace":"debian","name":"libjpeg-turbo","version":"1:2.0.6-4","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:2.1.5-2","latest_non_vulnerable_version":"1:2.1.5-2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/80461?format=json","vulnerability_id":"VCID-d73e-m4f8-73bc","summary":"libjpeg-turbo: heap buffer overflow in get_word_rgb_row() in rdppm.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46822.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-46822.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46822","reference_id":"","reference_type":"","scores":[{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34812","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3501","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.35037","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34962","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.3499","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34994","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34958","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34934","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34973","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34956","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34912","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34682","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34662","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00146","scoring_system":"epss","scoring_elements":"0.34572","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-46822"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46822","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46822"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/221567","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/221567"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/f35fd27ec641c42d6b115bfa595e483ec58188d2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2100044","reference_id":"2100044","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2100044"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46822","reference_id":"CVE-2021-46822","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-46822"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1068","reference_id":"RHSA-2023:1068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1068"},{"reference_url":"https://usn.ubuntu.com/5631-1/","reference_id":"USN-5631-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5631-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994481?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.1.5-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.1.5-2"}],"aliases":["CVE-2021-46822"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d73e-m4f8-73bc"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60289?format=json","vulnerability_id":"VCID-77d3-x18w-a7f6","summary":"Multiple vulnerabilities have been discovered in libjpeg-turbo, the worst of which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17541.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-17541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17541","reference_id":"","reference_type":"","scores":[{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54633","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54703","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54725","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54695","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54748","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00316","scoring_system":"epss","scoring_elements":"0.54743","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00494","scoring_system":"epss","scoring_elements":"0.65766","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00494","scoring_system":"epss","scoring_elements":"0.65752","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00494","scoring_system":"epss","scoring_elements":"0.65722","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00494","scoring_system":"epss","scoring_elements":"0.65757","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00494","scoring_system":"epss","scoring_elements":"0.65771","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00494","scoring_system":"epss","scoring_elements":"0.6577","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00494","scoring_system":"epss","scoring_elements":"0.65781","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00494","scoring_system":"epss","scoring_elements":"0.6578","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-17541"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17541"},{"reference_url":"https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libjpeg-turbo/libjpeg-turbo/issues/392"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1968036","reference_id":"1968036","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1968036"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-17541","reference_id":"CVE-2020-17541","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-17541"},{"reference_url":"https://security.gentoo.org/glsa/202405-20","reference_id":"GLSA-202405-20","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-20"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4288","reference_id":"RHSA-2021:4288","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4288"},{"reference_url":"https://usn.ubuntu.com/5553-1/","reference_id":"USN-5553-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5553-1/"},{"reference_url":"https://usn.ubuntu.com/5631-1/","reference_id":"USN-5631-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5631-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994480?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d73e-m4f8-73bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4"}],"aliases":["CVE-2020-17541"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-77d3-x18w-a7f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81110?format=json","vulnerability_id":"VCID-a3r5-u4q5-efhk","summary":"libjpeg-turbo: Null pointer dereference in jcopy_sample_rows() function","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35538.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35538.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35538","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07135","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07263","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07307","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0729","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07346","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07374","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0737","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07356","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07344","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07274","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07268","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07394","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07354","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07361","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07335","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122387","reference_id":"2122387","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2122387"},{"reference_url":"https://usn.ubuntu.com/5631-1/","reference_id":"USN-5631-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5631-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994480?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d73e-m4f8-73bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4"}],"aliases":["CVE-2020-35538"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a3r5-u4q5-efhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83261?format=json","vulnerability_id":"VCID-adpa-bp3z-vbhn","summary":"libjpeg-turbo: heap-based buffer over-read via crafted 8-bit BMP in get_8bit_row in rdbmp.c leads to denial of service","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14498.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14498.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14498","reference_id":"","reference_type":"","scores":[{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53174","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53225","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.5328","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53251","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53263","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53198","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53222","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.5319","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53242","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53237","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53273","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53256","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53294","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.533","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-14498"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14498","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14498"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/9c78a04df4e44ef6487eee99c4258397f4fdca55"},{"reference_url":"https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libjpeg-turbo/libjpeg-turbo/issues/258"},{"reference_url":"https://github.com/mozilla/mozjpeg/issues/299","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mozilla/mozjpeg/issues/299"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00021.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7YP4QUEYGHI4Q7GIAVFVKWQ7DJMBYLU/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1687424","reference_id":"1687424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1687424"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924678","reference_id":"924678","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924678"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozjpeg:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:mozilla:mozjpeg:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozjpeg:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14498","reference_id":"CVE-2018-14498","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14498"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2052","reference_id":"RHSA-2019:2052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2052"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:3705","reference_id":"RHSA-2019:3705","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:3705"},{"reference_url":"https://usn.ubuntu.com/4190-1/","reference_id":"USN-4190-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4190-1/"},{"reference_url":"https://usn.ubuntu.com/5553-1/","reference_id":"USN-5553-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5553-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994480?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d73e-m4f8-73bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4"}],"aliases":["CVE-2018-14498"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-adpa-bp3z-vbhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58214?format=json","vulnerability_id":"VCID-rgsc-btdd-m3he","summary":"An information disclosure vulnerability in libjpeg-turbo allow\n    remote attackers to obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13790.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13790.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13790","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65158","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65208","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65233","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65199","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65249","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65262","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65267","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65239","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65274","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65284","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.6528","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65294","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65291","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13790"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13790"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847155","reference_id":"1847155","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1847155"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962829","reference_id":"962829","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=962829"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13790","reference_id":"CVE-2020-13790","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13790"},{"reference_url":"https://security.gentoo.org/glsa/202010-03","reference_id":"GLSA-202010-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202010-03"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7540","reference_id":"RHSA-2025:7540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7540"},{"reference_url":"https://usn.ubuntu.com/4386-1/","reference_id":"USN-4386-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4386-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994480?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d73e-m4f8-73bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4"}],"aliases":["CVE-2020-13790"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rgsc-btdd-m3he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83400?format=json","vulnerability_id":"VCID-tvq2-6ujj-7yet","summary":"libjpeg: \"cjpeg\" utility large loop because read_pixel in rdtarga.c mishandles EOF","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11813.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11813.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11813","reference_id":"","reference_type":"","scores":[{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45702","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48097","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48154","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48108","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4809","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48101","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48099","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48049","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48102","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.4812","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48095","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48106","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00248","scoring_system":"epss","scoring_elements":"0.48159","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51196","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11813"},{"reference_url":"https://bugs.gentoo.org/727908","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.gentoo.org/727908"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11813","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11813"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ChijinZ/security_advisories/blob/master/libjpeg-v9c/mail.pdf"},{"reference_url":"https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ChijinZ/security_advisories/tree/master/libjpeg-v9c"},{"reference_url":"http://www.ijg.org/files/jpegsrc.v9d.tar.gz","reference_id":"","reference_type":"","scores":[],"url":"http://www.ijg.org/files/jpegsrc.v9d.tar.gz"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1588803","reference_id":"1588803","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1588803"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904719","reference_id":"904719","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904719"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ijg:libjpeg:9c:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ijg:libjpeg:9c:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ijg:libjpeg:9c:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11813","reference_id":"CVE-2018-11813","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2052","reference_id":"RHSA-2019:2052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2052"},{"reference_url":"https://usn.ubuntu.com/5497-1/","reference_id":"USN-5497-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5497-1/"},{"reference_url":"https://usn.ubuntu.com/5553-1/","reference_id":"USN-5553-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5553-1/"},{"reference_url":"https://usn.ubuntu.com/5631-1/","reference_id":"USN-5631-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5631-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5336-1/","reference_id":"USN-USN-5336-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5336-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5497-2/","reference_id":"USN-USN-5497-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5497-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994480?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d73e-m4f8-73bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4"}],"aliases":["CVE-2018-11813"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tvq2-6ujj-7yet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83911?format=json","vulnerability_id":"VCID-ugd8-a68r-hugj","summary":"libjpeg-turbo: NULL pointer dereference in jdpostct.c and jquant1.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15232.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15232.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15232","reference_id":"","reference_type":"","scores":[{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67885","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68036","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67997","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67979","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68022","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.68031","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67908","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67927","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67906","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67957","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67971","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67981","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67946","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0055","scoring_system":"epss","scoring_elements":"0.67984","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15232"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182"},{"reference_url":"https://github.com/mozilla/mozjpeg/issues/268","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mozilla/mozjpeg/issues/268"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500678","reference_id":"1500678","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1500678"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878567","reference_id":"878567","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878567"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:1.5.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:1.5.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:1.5.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15232","reference_id":"CVE-2017-15232","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15232"},{"reference_url":"https://usn.ubuntu.com/3706-1/","reference_id":"USN-3706-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3706-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994480?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d73e-m4f8-73bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4"}],"aliases":["CVE-2017-15232"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugd8-a68r-hugj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48088?format=json","vulnerability_id":"VCID-w4km-zqts-3bhv","summary":"Several integer overflows in libjpeg-turbo might allow an attacker\n    to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00047.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00047.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00048.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00048.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2201.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-2201.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2201","reference_id":"","reference_type":"","scores":[{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77809","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77951","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77904","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77897","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77929","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77937","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77815","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77843","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77825","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77853","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77857","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77884","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77869","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77868","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01083","scoring_system":"epss","scoring_elements":"0.77905","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-2201"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2201","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2201"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.apache.org/thread.html/rc800763a88775ac9abb83b3402bcd0913d41ac65fdfc759af38f2280%40%3Ccommits.mxnet.apache.org%3E","reference_id":"","reference_type":"","scores":[],"url":"https://lists.apache.org/thread.html/rc800763a88775ac9abb83b3402bcd0913d41ac65fdfc759af38f2280%40%3Ccommits.mxnet.apache.org%3E"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00048.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2022/05/msg00048.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4QPASQPZO644STRFTLOD35RIRGWWRNI/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4QPASQPZO644STRFTLOD35RIRGWWRNI/"},{"reference_url":"https://source.android.com/security/bulletin/2019-11-01","reference_id":"","reference_type":"","scores":[],"url":"https://source.android.com/security/bulletin/2019-11-01"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770982","reference_id":"1770982","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1770982"},{"reference_url":"https://security.archlinux.org/AVG-1067","reference_id":"AVG-1067","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1067"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-2201","reference_id":"CVE-2019-2201","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-2201"},{"reference_url":"https://security.gentoo.org/glsa/202003-23","reference_id":"GLSA-202003-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-23"},{"reference_url":"https://usn.ubuntu.com/4190-1/","reference_id":"USN-4190-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4190-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994480?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d73e-m4f8-73bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4"}],"aliases":["CVE-2019-2201"],"risk_score":4.2,"exploitability":"0.5","weighted_severity":"8.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w4km-zqts-3bhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83393?format=json","vulnerability_id":"VCID-zqqx-68x1-h3ak","summary":"libjpeg-turbo: Divide by zero allows for denial of service via crafted BMP image","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00015.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00015.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1152.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1152.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1152","reference_id":"","reference_type":"","scores":[{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.72955","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73104","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73056","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73095","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73106","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.72967","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.72987","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.72963","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73014","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73039","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73018","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73011","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73053","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00743","scoring_system":"epss","scoring_elements":"0.73063","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1152"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1152","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1152"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/01/msg00015.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2020/07/msg00033.html"},{"reference_url":"https://www.tenable.com/security/research/tra-2018-17","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/research/tra-2018-17"},{"reference_url":"http://www.securityfocus.com/bid/104543","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/104543"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1593554","reference_id":"1593554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1593554"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902950","reference_id":"902950","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902950"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:1.5.90:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:1.5.90:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libjpeg-turbo:libjpeg-turbo:1.5.90:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1152","reference_id":"CVE-2018-1152","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1152"},{"reference_url":"https://usn.ubuntu.com/3706-1/","reference_id":"USN-3706-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3706-1/"},{"reference_url":"https://usn.ubuntu.com/3706-2/","reference_id":"USN-3706-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3706-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994480?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-d73e-m4f8-73bc"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4"}],"aliases":["CVE-2018-1152"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zqqx-68x1-h3ak"}],"risk_score":"2.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4"}