Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/99851?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "poppler", "version": "22.12.0-2+deb12u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "22.12.0-2+deb12u2", "latest_non_vulnerable_version": "26.01.0-5", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25332?format=api", "vulnerability_id": "VCID-cv4u-nbcu-s7fa", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43903.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43903.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09822", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09787", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09836", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09837", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43903" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103545", "reference_id": "1103545", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103545" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361067", "reference_id": "2361067", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361067" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669", "reference_id": "f1b9c830f145a0042e853d6462b2f9ca4016c669", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-21T02:50:50Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669" }, { "reference_url": "https://usn.ubuntu.com/7471-1/", "reference_id": "USN-7471-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7471-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99898?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-43903" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cv4u-nbcu-s7fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25504?format=api", "vulnerability_id": "VCID-v1aa-5adk-c7db", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50420", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38459", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38643", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38654", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00172", "scoring_system": "epss", "scoring_elements": "0.38632", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-50420" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50420", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-50420" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110463", "reference_id": "1110463", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110463" }, { "reference_url": "https://github.com/Landw-hub/CVE-2025-50420", "reference_id": "CVE-2025-50420", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-04T19:38:23Z/" } ], "url": "https://github.com/Landw-hub/CVE-2025-50420" }, { "reference_url": "http://freedesktop.com", "reference_id": "freedesktop.com", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-04T19:38:23Z/" } ], "url": "http://freedesktop.com" }, { "reference_url": "http://poppler.com", "reference_id": "poppler.com", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-04T19:38:23Z/" } ], "url": "http://poppler.com" }, { "reference_url": "https://usn.ubuntu.com/7708-1/", "reference_id": "USN-7708-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7708-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99899?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-50420" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v1aa-5adk-c7db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25543?format=api", "vulnerability_id": "VCID-wxga-ac2q-5yfk", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52886.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52886.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-52886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51557", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51684", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51699", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51688", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-52886" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52886" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cde0660e4ed74ac203", "reference_id": "04bd91684ed41d67ae0f10cde0660e4ed74ac203", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/04bd91684ed41d67ae0f10cde0660e4ed74ac203" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108784", "reference_id": "1108784", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108784" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581", "reference_id": "1581", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1581" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828", "reference_id": "1828", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1828" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375930", "reference_id": "2375930", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375930" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5", "reference_id": "ac36affcc8486de38e8905a8d6547a3464ff46e5", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ac36affcc8486de38e8905a8d6547a3464ff46e5" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2025-054_poppler/", "reference_id": "GHSL-2025-054_poppler", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:59:12Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2025-054_poppler/" }, { "reference_url": "https://security.gentoo.org/glsa/202509-01", "reference_id": "GLSA-202509-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-01" }, { "reference_url": "https://usn.ubuntu.com/7675-1/", "reference_id": "USN-7675-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7675-1/" }, { "reference_url": "https://usn.ubuntu.com/7687-1/", "reference_id": "USN-7687-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7687-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99901?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-52886" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wxga-ac2q-5yfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22245?format=api", "vulnerability_id": "VCID-yyqx-rr9p-u3f3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6239.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-6239.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6239", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31834", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3185", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31646", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31833", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6239" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6239", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6239" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074146", "reference_id": "1074146", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074146" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-6239", "reference_id": "CVE-2024-6239", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:14:35Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-6239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:5305", "reference_id": "RHSA-2024:5305", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:14:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:5305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9167", "reference_id": "RHSA-2024:9167", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:14:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9167" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293594", "reference_id": "show_bug.cgi?id=2293594", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-24T15:14:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293594" }, { "reference_url": "https://usn.ubuntu.com/6915-1/", "reference_id": "USN-6915-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6915-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99893?format=api", "purl": "pkg:deb/debian/poppler@24.08.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@24.08.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-6239" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yyqx-rr9p-u3f3" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2978?format=api", "vulnerability_id": "VCID-1bah-gcv8-mkf4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38492", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38665", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38687", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38677", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500322", "reference_id": "1500322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500322" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231", "reference_id": "877231", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14928" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1bah-gcv8-mkf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2952?format=api", "vulnerability_id": "VCID-1t2t-2yy2-9bdc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31017", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31212", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31227", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31208", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499165", "reference_id": "1499165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499165" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086", "reference_id": "876086", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086" }, { "reference_url": "https://usn.ubuntu.com/3433-1/", "reference_id": "USN-3433-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3433-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14519" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1t2t-2yy2-9bdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183739?format=api", "vulnerability_id": "VCID-1uur-1hg7-c3gp", "summary": "Multiple vulnerabilities have been found in Poppler, allowing\n remote attackers to execute arbitrary code or cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4474.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4474.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96337", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96348", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.9635", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96353", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4474" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024762", "reference_id": "1024762", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024762" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064", "reference_id": "729064", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38817.txt", "reference_id": "CVE-2013-4474;OSVDB-99066", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38817.txt" }, { "reference_url": "https://www.securityfocus.com/bid/63374/info", "reference_id": "CVE-2013-4474;OSVDB-99066", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/63374/info" }, { "reference_url": "https://security.gentoo.org/glsa/201401-21", "reference_id": "GLSA-201401-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-21" }, { "reference_url": "https://usn.ubuntu.com/2958-1/", "reference_id": "USN-2958-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2958-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99874?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-4474" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1uur-1hg7-c3gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183740?format=api", "vulnerability_id": "VCID-1x44-b855-r3gy", "summary": "Multiple vulnerabilities have been found in Poppler, allowing\n remote attackers to execute arbitrary code or cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7296.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7296.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7296", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02482", "scoring_system": "epss", "scoring_elements": "0.85619", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02482", "scoring_system": "epss", "scoring_elements": "0.85671", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02482", "scoring_system": "epss", "scoring_elements": "0.8568", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02482", "scoring_system": "epss", "scoring_elements": "0.85673", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7296" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048199", "reference_id": "1048199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1048199" }, { "reference_url": "https://security.gentoo.org/glsa/201401-21", "reference_id": "GLSA-201401-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-21" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99871?format=api", "purl": "pkg:deb/debian/poppler@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-7296" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1x44-b855-r3gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76486?format=api", "vulnerability_id": "VCID-2c88-4eqr-13hz", "summary": "A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the `tilingPatternFill` function. This overflow leads to an undersized heap memory allocation, allowing a subsequent out-of-bounds write. Successful exploitation could result in arbitrary code execution, information disclosure, or denial of service within the context of the application processing the PDF.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10118.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10118.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10118", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33463", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33285", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33467", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33488", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10118" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138708", "reference_id": "1138708", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138708" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/work_items/1715", "reference_id": "1715", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-01T19:33:55Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/work_items/1715" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1", "reference_id": "cpe:/a:redhat:hummingbird:1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:hummingbird:1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.2", "reference_id": "cpe:/o:redhat:enterprise_linux:10.2", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.2" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2026-10118", "reference_id": "CVE-2026-10118", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-01T19:33:55Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2026-10118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:24984", "reference_id": "RHSA-2026:24984", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-01T19:33:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:24984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:24985", "reference_id": "RHSA-2026:24985", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-01T19:33:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:24985" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:25058", "reference_id": "RHSA-2026:25058", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-01T19:33:55Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:25058" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460428", "reference_id": "show_bug.cgi?id=2460428", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-06-01T19:33:55Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2460428" }, { "reference_url": "https://usn.ubuntu.com/8400-1/", "reference_id": "USN-8400-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8400-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99895?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99897?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99902?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-4.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-4.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10118" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2c88-4eqr-13hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201656?format=api", "vulnerability_id": "VCID-2hvf-914j-5kh5", "summary": "xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in the way it processes JBIG2 PDF stream objects.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0206.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0206.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63774", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63876", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6389", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63888", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0206" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=580105", "reference_id": "580105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=580105" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99869?format=api", "purl": "pkg:deb/debian/poppler@0.16.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.16.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-0206" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2hvf-914j-5kh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4259?format=api", "vulnerability_id": "VCID-2ynq-17xv-y7h4", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73796", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73871", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73886", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73885", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466435", "reference_id": "1466435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466435" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477", "reference_id": "867477", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99878?format=api", "purl": "pkg:deb/debian/poppler@0.57.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.57.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9865" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ynq-17xv-y7h4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2977?format=api", "vulnerability_id": "VCID-3ahh-9hdk-4yet", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.35964", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36144", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36166", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36155", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500324", "reference_id": "1500324", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500324" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237", "reference_id": "877237", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14927" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ahh-9hdk-4yet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201882?format=api", "vulnerability_id": "VCID-3c4v-g5dz-syhb", "summary": "DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5110.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5110.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.74087", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.7416", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.74174", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.74172", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=647377", "reference_id": "647377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=647377" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722705", "reference_id": "722705", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722705" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99869?format=api", "purl": "pkg:deb/debian/poppler@0.16.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.16.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-5110" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3c4v-g5dz-syhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175952?format=api", "vulnerability_id": "VCID-3gx3-mpgs-8fbz", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.94136", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.94157", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.94162", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.94163", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637", "reference_id": "526637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1503", "reference_id": "RHSA-2009:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1504", "reference_id": "RHSA-2009:1504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1512", "reference_id": "RHSA-2009:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1513", "reference_id": "RHSA-2009:1513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99866?format=api", "purl": "pkg:deb/debian/poppler@0.12.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3608" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3gx3-mpgs-8fbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2953?format=api", "vulnerability_id": "VCID-3juf-dtfg-kudm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45125", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45275", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45287", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494582", "reference_id": "1494582", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494582" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081", "reference_id": "876081", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14520" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3juf-dtfg-kudm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2959?format=api", "vulnerability_id": "VCID-51rg-mf9w-t7d1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67423", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67514", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67527", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67525", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14617" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499905", "reference_id": "1499905", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499905" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385", "reference_id": "876385", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14617" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-51rg-mf9w-t7d1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6347?format=api", "vulnerability_id": "VCID-582k-vsd9-eqd8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01932", "scoring_system": "epss", "scoring_elements": "0.83779", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01932", "scoring_system": "epss", "scoring_elements": "0.83836", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01932", "scoring_system": "epss", "scoring_elements": "0.83844", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01932", "scoring_system": "epss", "scoring_elements": "0.83841", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797453", "reference_id": "1797453", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797453" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812", "reference_id": "933812", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3977", "reference_id": "RHSA-2020:3977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4643", "reference_id": "RHSA-2020:4643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4643" }, { "reference_url": "https://usn.ubuntu.com/4091-1/", "reference_id": "USN-4091-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4091-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-14494" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-582k-vsd9-eqd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6010?format=api", "vulnerability_id": "VCID-5c73-196n-wubw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10872", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.7661", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76679", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76689", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696638", "reference_id": "1696638", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696638" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530", "reference_id": "926530", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99883?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-10872" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5c73-196n-wubw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/181259?format=api", "vulnerability_id": "VCID-69js-yzx7-ckaa", "summary": "KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n making them vulnerable to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3626.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3626.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3626", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09167", "scoring_system": "epss", "scoring_elements": "0.92874", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.09167", "scoring_system": "epss", "scoring_elements": "0.92897", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.09167", "scoring_system": "epss", "scoring_elements": "0.92899", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3626" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617828", "reference_id": "1617828", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617828" }, { "reference_url": "https://security.gentoo.org/glsa/200601-02", "reference_id": "GLSA-200601-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200601-02" }, { "reference_url": "https://security.gentoo.org/glsa/200601-17", "reference_id": "GLSA-200601-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200601-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:840", "reference_id": "RHSA-2005:840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:868", "reference_id": "RHSA-2005:868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0160", "reference_id": "RHSA-2006:0160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0163", "reference_id": "RHSA-2006:0163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0177", "reference_id": "RHSA-2006:0177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0177" }, { "reference_url": "https://usn.ubuntu.com/236-1/", "reference_id": "USN-236-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/236-1/" }, { "reference_url": "https://usn.ubuntu.com/236-2/", "reference_id": "USN-236-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/236-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99857?format=api", "purl": "pkg:deb/debian/poppler@0.4.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.3-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-3626" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-69js-yzx7-ckaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23515?format=api", "vulnerability_id": "VCID-6jg8-sa2c-vqhr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2195", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21772", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21962", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21974", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190", "reference_id": "1102190", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574", "reference_id": "1574", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357657", "reference_id": "2357657", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357657" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3", "reference_id": "d87bc726c7cc98f8c26b60ece5f20236e9de1bc3", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3" }, { "reference_url": "https://usn.ubuntu.com/7426-1/", "reference_id": "USN-7426-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-1/" }, { "reference_url": "https://usn.ubuntu.com/7426-2/", "reference_id": "USN-7426-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99888?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99894?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-32364" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6jg8-sa2c-vqhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8017?format=api", "vulnerability_id": "VCID-6zfy-56dx-d7dh", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-18839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39811", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39981", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40004", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39993", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-18839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234524", "reference_id": "2234524", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234524" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/742", "reference_id": "742", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:29:54Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-18839" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6zfy-56dx-d7dh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175960?format=api", "vulnerability_id": "VCID-71r7-7b3a-tbdd", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2142.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2142.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60917", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61024", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61033", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.6103", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2142" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487773", "reference_id": "487773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487773" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936", "reference_id": "789936", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99872?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-7?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-7%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2012-2142" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-71r7-7b3a-tbdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175956?format=api", "vulnerability_id": "VCID-73w4-4dz1-sqbh", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3703.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3703.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3703", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78656", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78722", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78739", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78735", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3703" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165", "reference_id": "599165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356", "reference_id": "639356", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0859", "reference_id": "RHSA-2010:0859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0859" }, { "reference_url": "https://usn.ubuntu.com/1005-1/", "reference_id": "USN-1005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99870?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-3703" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73w4-4dz1-sqbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3873?format=api", "vulnerability_id": "VCID-78ym-rwhm-vfap", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7511", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44424", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44577", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44596", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44582", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1456827", "reference_id": "1456827", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1456827" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759", "reference_id": "863759", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99878?format=api", "purl": "pkg:deb/debian/poppler@0.57.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.57.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7511" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-78ym-rwhm-vfap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5374?format=api", "vulnerability_id": "VCID-838r-h4a7-gkdp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65588", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65686", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65697", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65693", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753850", "reference_id": "1753850", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753850" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99877?format=api", "purl": "pkg:deb/debian/poppler@0.69.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.69.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-21009" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-838r-h4a7-gkdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5339?format=api", "vulnerability_id": "VCID-8gxn-x1jf-hkaa", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58185", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58298", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58314", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.58302", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20650" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665263", "reference_id": "1665263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665263" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974", "reference_id": "917974", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3865-1/", "reference_id": "USN-3865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3865-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20650" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8gxn-x1jf-hkaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4736?format=api", "vulnerability_id": "VCID-8m9t-swvc-p3h7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-13988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.72399", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.7248", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.72495", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00696", "scoring_system": "epss", "scoring_elements": "0.7249", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-13988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602838", "reference_id": "1602838", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602838" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922", "reference_id": "904922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3140", "reference_id": "RHSA-2018:3140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3140" }, { "reference_url": "https://usn.ubuntu.com/3757-1/", "reference_id": "USN-3757-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3757-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99877?format=api", "purl": "pkg:deb/debian/poppler@0.69.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.69.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-13988" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8m9t-swvc-p3h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/185545?format=api", "vulnerability_id": "VCID-8qpz-9suz-nkas", "summary": "Poppler and various KDE components are vulnerable to multiple memory\n management issues possibly resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5392.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06485", "scoring_system": "epss", "scoring_elements": "0.91299", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.06485", "scoring_system": "epss", "scoring_elements": "0.91329", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.06485", "scoring_system": "epss", "scoring_elements": "0.91337", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.06485", "scoring_system": "epss", "scoring_elements": "0.91334", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=345111", "reference_id": "345111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=345111" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628", "reference_id": "450628", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629", "reference_id": "450629", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629" }, { "reference_url": "https://security.gentoo.org/glsa/200711-22", "reference_id": "GLSA-200711-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1021", "reference_id": "RHSA-2007:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1022", "reference_id": "RHSA-2007:1022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1024", "reference_id": "RHSA-2007:1024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1025", "reference_id": "RHSA-2007:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1026", "reference_id": "RHSA-2007:1026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1027", "reference_id": "RHSA-2007:1027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1029", "reference_id": "RHSA-2007:1029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1030", "reference_id": "RHSA-2007:1030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1030" }, { "reference_url": "https://usn.ubuntu.com/542-1/", "reference_id": "USN-542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-1/" }, { "reference_url": "https://usn.ubuntu.com/542-2/", "reference_id": "USN-542-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99862?format=api", "purl": "pkg:deb/debian/poppler@0.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.6.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-5392" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qpz-9suz-nkas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5920?format=api", "vulnerability_id": "VCID-8rsw-fsha-fue4", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47761", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47902", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47918", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47903", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133", "reference_id": "926133", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99878?format=api", "purl": "pkg:deb/debian/poppler@0.57.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.57.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-10018" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8rsw-fsha-fue4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201657?format=api", "vulnerability_id": "VCID-91re-rv3x-rqas", "summary": "In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of service (application crash) in xpdf-based PDF viewers.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0207.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63774", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63876", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6389", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63888", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0207" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=583738", "reference_id": "583738", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=583738" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99869?format=api", "purl": "pkg:deb/debian/poppler@0.16.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.16.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-0207" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-91re-rv3x-rqas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25542?format=api", "vulnerability_id": "VCID-987a-aay7-m3gv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52885.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52885.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-52885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08519", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08554", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08559", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08557", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-52885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52885" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117853", "reference_id": "1117853", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117853" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884", "reference_id": "1884", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T14:59:44Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884#note_3114334", "reference_id": "1884#note_3114334", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T14:59:44Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1884#note_3114334" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403224", "reference_id": "2403224", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403224" }, { "reference_url": "https://securitylab.github.com/advisories/GHSL-2025-042_poppler/", "reference_id": "GHSL-2025-042_poppler", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-14T14:59:44Z/" } ], "url": "https://securitylab.github.com/advisories/GHSL-2025-042_poppler/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7364", "reference_id": "RHSA-2026:7364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7364" }, { "reference_url": "https://usn.ubuntu.com/7858-1/", "reference_id": "USN-7858-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7858-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99895?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99897?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99900?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-11.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-11.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-52885" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-987a-aay7-m3gv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12317?format=api", "vulnerability_id": "VCID-9bj9-1a5v-pbgr", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27156", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27359", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27379", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27582", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971", "reference_id": "1018971", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124527", "reference_id": "2124527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124527" }, { "reference_url": "https://security.archlinux.org/AVG-2812", "reference_id": "AVG-2812", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2259", "reference_id": "RHSA-2023:2259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2810", "reference_id": "RHSA-2023:2810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2810" }, { "reference_url": "https://usn.ubuntu.com/5606-1/", "reference_id": "USN-5606-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5606-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99890?format=api", "purl": "pkg:deb/debian/poppler@22.08.0-2.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.08.0-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-38784" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9bj9-1a5v-pbgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12258?format=api", "vulnerability_id": "VCID-9dtb-hdzd-u7ay", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20061", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.2023", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20254", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20234", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274", "reference_id": "1274", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234527", "reference_id": "2234527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234527" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990", "reference_id": "dcd5bd8238ea448addd102ff045badd0aca1b990", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99888?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99887?format=api", "purl": "pkg:deb/debian/poppler@22.08.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.08.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-37050" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9dtb-hdzd-u7ay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175941?format=api", "vulnerability_id": "VCID-9hqc-4htt-d3fq", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1180.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1180.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92719", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92744", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.09619", "scoring_system": "epss", "scoring_elements": "0.93084", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892", "reference_id": "495892", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1180" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hqc-4htt-d3fq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/181260?format=api", "vulnerability_id": "VCID-9rdv-f3ft-6bd7", "summary": "KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n making them vulnerable to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3627.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3627.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3627", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04327", "scoring_system": "epss", "scoring_elements": "0.89152", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04327", "scoring_system": "epss", "scoring_elements": "0.8919", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04327", "scoring_system": "epss", "scoring_elements": "0.89198", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3627" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617829", "reference_id": "1617829", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617829" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076", "reference_id": "346076", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076" }, { "reference_url": "https://security.gentoo.org/glsa/200601-02", "reference_id": "GLSA-200601-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200601-02" }, { "reference_url": "https://security.gentoo.org/glsa/200601-17", "reference_id": "GLSA-200601-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200601-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:840", "reference_id": "RHSA-2005:840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:868", "reference_id": "RHSA-2005:868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0160", "reference_id": "RHSA-2006:0160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0163", "reference_id": "RHSA-2006:0163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0177", "reference_id": "RHSA-2006:0177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0177" }, { "reference_url": "https://usn.ubuntu.com/236-1/", "reference_id": "USN-236-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/236-1/" }, { "reference_url": "https://usn.ubuntu.com/236-2/", "reference_id": "USN-236-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/236-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99858?format=api", "purl": "pkg:deb/debian/poppler@0.4.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-3627" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9rdv-f3ft-6bd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5342?format=api", "vulnerability_id": "VCID-aa3r-pgza-jyf3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69678", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69768", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69782", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69779", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665273", "reference_id": "1665273", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665273" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158", "reference_id": "918158", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99880?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20662" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aa3r-pgza-jyf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7434?format=api", "vulnerability_id": "VCID-aa44-dbs9-ukch", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9959", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.81215", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.81275", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01451", "scoring_system": "epss", "scoring_elements": "0.81283", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732340", "reference_id": "1732340", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732340" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776", "reference_id": "941776", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9959" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aa44-dbs9-ukch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3875?format=api", "vulnerability_id": "VCID-acbr-4xvd-t7aw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.442", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44354", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44372", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44361", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459066", "reference_id": "1459066", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459066" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99878?format=api", "purl": "pkg:deb/debian/poppler@0.57.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.57.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-7515" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-acbr-4xvd-t7aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/181258?format=api", "vulnerability_id": "VCID-bbfr-73v1-a3an", "summary": "KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n making them vulnerable to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3625.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3625.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11286", "scoring_system": "epss", "scoring_elements": "0.93696", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.11286", "scoring_system": "epss", "scoring_elements": "0.93716", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.11286", "scoring_system": "epss", "scoring_elements": "0.9372", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.11286", "scoring_system": "epss", "scoring_elements": "0.93722", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3625" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617827", "reference_id": "1617827", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617827" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076", "reference_id": "346076", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076" }, { "reference_url": "https://security.gentoo.org/glsa/200601-02", "reference_id": "GLSA-200601-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200601-02" }, { "reference_url": "https://security.gentoo.org/glsa/200601-17", "reference_id": "GLSA-200601-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200601-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:840", "reference_id": "RHSA-2005:840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:868", "reference_id": "RHSA-2005:868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0160", "reference_id": "RHSA-2006:0160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0163", "reference_id": "RHSA-2006:0163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0177", "reference_id": "RHSA-2006:0177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0177" }, { "reference_url": "https://usn.ubuntu.com/236-1/", "reference_id": "USN-236-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/236-1/" }, { "reference_url": "https://usn.ubuntu.com/236-2/", "reference_id": "USN-236-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/236-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99858?format=api", "purl": "pkg:deb/debian/poppler@0.4.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-3625" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bbfr-73v1-a3an" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175936?format=api", "vulnerability_id": "VCID-bvyn-44jg-4yhf", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0166.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0166.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0166", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10043", "scoring_system": "epss", "scoring_elements": "0.93235", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.10043", "scoring_system": "epss", "scoring_elements": "0.93257", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.10043", "scoring_system": "epss", "scoring_elements": "0.93259", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.10043", "scoring_system": "epss", "scoring_elements": "0.9326", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625", "reference_id": "490625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/200904-20", "reference_id": "GLSA-200904-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200904-20" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0166" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvyn-44jg-4yhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175961?format=api", "vulnerability_id": "VCID-bzwn-r1v2-wugm", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1788.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88905", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88943", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88949", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071", "reference_id": "702071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=917108", "reference_id": "917108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917108" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/1785-1/", "reference_id": "USN-1785-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1785-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99873?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1788" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzwn-r1v2-wugm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/584?format=api", "vulnerability_id": "VCID-c7r2-rtag-6fc8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.78319", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.78386", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.784", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.78396", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326225", "reference_id": "1326225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326225" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578", "reference_id": "822578", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578" }, { "reference_url": "https://security.gentoo.org/glsa/201611-15", "reference_id": "GLSA-201611-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2580", "reference_id": "RHSA-2016:2580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2580" }, { "reference_url": "https://usn.ubuntu.com/2958-1/", "reference_id": "USN-2958-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2958-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99875?format=api", "purl": "pkg:deb/debian/poppler@0.38.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.38.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-8868" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c7r2-rtag-6fc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2990?format=api", "vulnerability_id": "VCID-cepf-h763-ybat", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78415", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78482", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78497", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78494", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500343", "reference_id": "1500343", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500343" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957", "reference_id": "877957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14975" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cepf-h763-ybat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4244?format=api", "vulnerability_id": "VCID-cmr1-22sy-73cq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73521", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73434", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73508", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00742", "scoring_system": "epss", "scoring_elements": "0.73523", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466442", "reference_id": "1466442", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466442" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680", "reference_id": "865680", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680" }, { "reference_url": "https://security.archlinux.org/ASA-201706-33", "reference_id": "ASA-201706-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-33" }, { "reference_url": "https://security.archlinux.org/AVG-326", "reference_id": "AVG-326", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2551", "reference_id": "RHSA-2017:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2551" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99878?format=api", "purl": "pkg:deb/debian/poppler@0.57.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.57.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9775" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cmr1-22sy-73cq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177648?format=api", "vulnerability_id": "VCID-ct52-g5wx-97ht", "summary": "Multiple vulnerabilities have been discovered in T1Lib, the worst\n of which could lead to remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1552.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1552.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15628", "scoring_system": "epss", "scoring_elements": "0.94853", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.15628", "scoring_system": "epss", "scoring_elements": "0.9487", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.15628", "scoring_system": "epss", "scoring_elements": "0.94876", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.15628", "scoring_system": "epss", "scoring_elements": "0.94879", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1552" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=692853", "reference_id": "692853", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692853" }, { "reference_url": "https://security.gentoo.org/glsa/201701-57", "reference_id": "GLSA-201701-57", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-57" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0062", "reference_id": "RHSA-2012:0062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0137", "reference_id": "RHSA-2012:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1201", "reference_id": "RHSA-2012:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1201" }, { "reference_url": "https://usn.ubuntu.com/1335-1/", "reference_id": "USN-1335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1335-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99871?format=api", "purl": "pkg:deb/debian/poppler@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1552" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ct52-g5wx-97ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7368?format=api", "vulnerability_id": "VCID-cty1-bszm-pkac", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84709", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84761", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.8477", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84762", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686802", "reference_id": "1686802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686802" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673", "reference_id": "926673", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99880?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9631" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cty1-bszm-pkac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/204920?format=api", "vulnerability_id": "VCID-dj26-nk4s-7bfg", "summary": "In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41013", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41179", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.412", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.4119", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499167", "reference_id": "1499167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499167" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222", "reference_id": "877222", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14929" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dj26-nk4s-7bfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21741?format=api", "vulnerability_id": "VCID-du44-2ycu-yuhx", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.54138", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.54268", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.54281", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.54264", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322", "reference_id": "1091322", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553", "reference_id": "1553", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333794", "reference_id": "2333794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333794" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e", "reference_id": "ade9b5ebed44b0c15522c27669ef6cdf93eff84e", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621", "reference_id": "CMakeLists.txt#L621", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621" }, { "reference_url": "https://usn.ubuntu.com/7213-1/", "reference_id": "USN-7213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99888?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99892?format=api", "purl": "pkg:deb/debian/poppler@24.08.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@24.08.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-56378" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-du44-2ycu-yuhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/206769?format=api", "vulnerability_id": "VCID-e83m-gvkw-tkch", "summary": "In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51661", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.5179", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51802", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51787", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12957" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99885?format=api", "purl": "pkg:deb/debian/poppler@0.22.5-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.22.5-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-12957" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e83m-gvkw-tkch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175953?format=api", "vulnerability_id": "VCID-e9tv-pg4d-tydb", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0506", "scoring_system": "epss", "scoring_elements": "0.90037", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0506", "scoring_system": "epss", "scoring_elements": "0.90035", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90888", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90917", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893", "reference_id": "526893", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1500", "reference_id": "RHSA-2009:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1503", "reference_id": "RHSA-2009:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1504", "reference_id": "RHSA-2009:1504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1512", "reference_id": "RHSA-2009:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1513", "reference_id": "RHSA-2009:1513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0401", "reference_id": "RHSA-2010:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0755", "reference_id": "RHSA-2010:0755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0755" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99866?format=api", "purl": "pkg:deb/debian/poppler@0.12.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3609" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9tv-pg4d-tydb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175946?format=api", "vulnerability_id": "VCID-eb51-kw8e-n7gm", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95898", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95911", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95912", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1188" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907", "reference_id": "495907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779", "reference_id": "575779", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1503", "reference_id": "RHSA-2009:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1512", "reference_id": "RHSA-2009:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1512" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1188" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb51-kw8e-n7gm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/164326?format=api", "vulnerability_id": "VCID-f48v-3xuz-bkgk", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.70435", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.70526", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.7054", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.70536", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510977", "reference_id": "1510977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510977" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066", "reference_id": "879066", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066" }, { "reference_url": "https://usn.ubuntu.com/3467-1/", "reference_id": "USN-3467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-15565" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f48v-3xuz-bkgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175949?format=api", "vulnerability_id": "VCID-f6bg-89su-vfab", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3605.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3605.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.89234", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.89271", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.8928", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.89279", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840", "reference_id": "491840", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99866?format=api", "purl": "pkg:deb/debian/poppler@0.12.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3605" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f6bg-89su-vfab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4973?format=api", "vulnerability_id": "VCID-f96j-mha4-hbc7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16646", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.83279", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.8334", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.83348", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01821", "scoring_system": "epss", "scoring_elements": "0.83345", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16646" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626618", "reference_id": "1626618", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626618" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802", "reference_id": "909802", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" }, { "reference_url": "https://usn.ubuntu.com/3837-2/", "reference_id": "USN-3837-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99880?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16646" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f96j-mha4-hbc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7423?format=api", "vulnerability_id": "VCID-fbkt-t2yv-u3a2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70773", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70864", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70876", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0063", "scoring_system": "epss", "scoring_elements": "0.70874", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691724", "reference_id": "1691724", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691724" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264", "reference_id": "925264", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9903" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbkt-t2yv-u3a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4205?format=api", "vulnerability_id": "VCID-fghs-xbsj-2ugz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77915", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77983", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77996", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.7799", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458702", "reference_id": "1458702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458702" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009", "reference_id": "864009", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99878?format=api", "purl": "pkg:deb/debian/poppler@0.57.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.57.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9408" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fghs-xbsj-2ugz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12298?format=api", "vulnerability_id": "VCID-fne9-wc5j-xbar", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05717", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05709", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05735", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05726", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282", "reference_id": "1282", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251630", "reference_id": "2251630", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251630" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28", "reference_id": "4564a002bcb6094cc460bc0d5ddff9423fe6dd28", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99888?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99889?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-38349" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fne9-wc5j-xbar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5181?format=api", "vulnerability_id": "VCID-fy5f-5uww-muf8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34987", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35165", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35189", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35166", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649450", "reference_id": "1649450", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182", "reference_id": "913182", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-19060" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fy5f-5uww-muf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200554?format=api", "vulnerability_id": "VCID-g84a-z8t1-8ud2", "summary": "The Adobe PDF specification 1.3, as implemented by (a) xpdf 3.0.1 patch 2, (b) kpdf in KDE before 3.5.5, (c) poppler before 0.5.4, and other products, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0104.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0104.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-0104", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16563", "scoring_system": "epss", "scoring_elements": "0.95064", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.16563", "scoring_system": "epss", "scoring_elements": "0.9508", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.16563", "scoring_system": "epss", "scoring_elements": "0.95081", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.16563", "scoring_system": "epss", "scoring_elements": "0.95083", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-0104" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0104" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406852", "reference_id": "406852", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=406852" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=428126", "reference_id": "428126", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=428126" }, { "reference_url": "https://usn.ubuntu.com/410-1/", "reference_id": "USN-410-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/410-1/" }, { "reference_url": "https://usn.ubuntu.com/410-2/", "reference_id": "USN-410-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/410-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99860?format=api", "purl": "pkg:deb/debian/poppler@0.4.5-5.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.5-5.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-0104" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g84a-z8t1-8ud2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2976?format=api", "vulnerability_id": "VCID-gaxf-gk9f-53bd", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38492", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38665", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38687", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38677", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500323", "reference_id": "1500323", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500323" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239", "reference_id": "877239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14926" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gaxf-gk9f-53bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175954?format=api", "vulnerability_id": "VCID-gca8-349c-73h7", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3938.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3938.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87782", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87823", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87829", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87828", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3938" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680", "reference_id": "534680", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=537471", "reference_id": "537471", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=537471" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99867?format=api", "purl": "pkg:deb/debian/poppler@0.12.2-2.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.2-2.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3938" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gca8-349c-73h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6155?format=api", "vulnerability_id": "VCID-gf8u-tzj2-qbej", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76775", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76846", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.7686", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76853", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713582", "reference_id": "1713582", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713582" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423", "reference_id": "929423", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99883?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-12293" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gf8u-tzj2-qbej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5314?format=api", "vulnerability_id": "VCID-gfsm-nb4x-muca", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.79241", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.79306", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.79319", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.79314", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665266", "reference_id": "1665266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665266" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325", "reference_id": "917325", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3865-1/", "reference_id": "USN-3865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3865-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99880?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20481" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfsm-nb4x-muca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7183?format=api", "vulnerability_id": "VCID-hh2h-1kts-kkbk", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7310", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.48246", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.48383", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.48401", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00247", "scoring_system": "epss", "scoring_elements": "0.48387", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7310" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672419", "reference_id": "1672419", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672419" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215", "reference_id": "921215", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215" }, { "reference_url": "https://security.archlinux.org/AVG-869", "reference_id": "AVG-869", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-869" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3886-1/", "reference_id": "USN-3886-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3886-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99880?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-7310" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hh2h-1kts-kkbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4245?format=api", "vulnerability_id": "VCID-htrz-zrgz-vyhc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.798", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79724", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79789", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79807", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466443", "reference_id": "1466443", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466443" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679", "reference_id": "865679", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679" }, { "reference_url": "https://security.archlinux.org/ASA-201706-33", "reference_id": "ASA-201706-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-33" }, { "reference_url": "https://security.archlinux.org/AVG-326", "reference_id": "AVG-326", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2550", "reference_id": "RHSA-2017:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2551", "reference_id": "RHSA-2017:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2551" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99878?format=api", "purl": "pkg:deb/debian/poppler@0.57.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.57.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9776" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-htrz-zrgz-vyhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201386?format=api", "vulnerability_id": "VCID-j3mq-jrnz-aqec", "summary": "The JBIG2Stream::readSymbolDictSeg function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file that triggers a parsing error, which is not properly handled by JBIG2SymbolDict::~JBIG2SymbolDict and triggers an invalid memory dereference.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0756.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0756.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0756", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14855", "scoring_system": "epss", "scoring_elements": "0.94674", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.14855", "scoring_system": "epss", "scoring_elements": "0.94692", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.14855", "scoring_system": "epss", "scoring_elements": "0.94699", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.14855", "scoring_system": "epss", "scoring_elements": "0.94701", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=488339", "reference_id": "488339", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488339" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518478", "reference_id": "518478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518478" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0756" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j3mq-jrnz-aqec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2950?format=api", "vulnerability_id": "VCID-jetx-np5j-6yfs", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46059", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46204", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46212", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.46197", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499162", "reference_id": "1499162", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499162" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079", "reference_id": "876079", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079" }, { "reference_url": "https://usn.ubuntu.com/3433-1/", "reference_id": "USN-3433-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3433-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14517" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jetx-np5j-6yfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7329?format=api", "vulnerability_id": "VCID-jprb-tm8h-1ke3", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03439", "scoring_system": "epss", "scoring_elements": "0.87762", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03439", "scoring_system": "epss", "scoring_elements": "0.87803", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03439", "scoring_system": "epss", "scoring_elements": "0.87809", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03439", "scoring_system": "epss", "scoring_elements": "0.87807", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683632", "reference_id": "1683632", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683632" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414", "reference_id": "923414", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3905-1/", "reference_id": "USN-3905-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3905-1/" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99880?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9200" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jprb-tm8h-1ke3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175943?format=api", "vulnerability_id": "VCID-jvje-ybwm-2fge", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1182.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1182.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1182", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91724", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91752", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.07752", "scoring_system": "epss", "scoring_elements": "0.92163", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.07752", "scoring_system": "epss", "scoring_elements": "0.92161", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896", "reference_id": "495896", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1182" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvje-ybwm-2fge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6172?format=api", "vulnerability_id": "VCID-jxkb-2uha-8ub3", "summary": "", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52135", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52265", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52276", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.52259", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99884?format=api", "purl": "pkg:deb/debian/poppler@0.44.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.44.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-12493" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jxkb-2uha-8ub3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175959?format=api", "vulnerability_id": "VCID-kktu-nv47-yqh2", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4654.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4654.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64942", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.65041", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.65053", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.6505", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=672181", "reference_id": "672181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=672181" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99869?format=api", "purl": "pkg:deb/debian/poppler@0.16.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.16.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-4654" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kktu-nv47-yqh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5170?format=api", "vulnerability_id": "VCID-km98-j7kk-wuak", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3538", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35557", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3558", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35563", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646546", "reference_id": "1646546", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646546" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164", "reference_id": "913164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-18897" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-km98-j7kk-wuak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176795?format=api", "vulnerability_id": "VCID-kvrd-wcyy-wugd", "summary": "Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and\n Poppler potentially resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3191.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3191.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3191", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03031", "scoring_system": "epss", "scoring_elements": "0.8695", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03031", "scoring_system": "epss", "scoring_elements": "0.86996", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03031", "scoring_system": "epss", "scoring_elements": "0.87006", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03031", "scoring_system": "epss", "scoring_elements": "0.87002", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3191" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3191" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617796", "reference_id": "1617796", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617796" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281", "reference_id": "342281", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288", "reference_id": "342288", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288" }, { "reference_url": "https://security.gentoo.org/glsa/200512-08", "reference_id": "GLSA-200512-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200512-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:840", "reference_id": "RHSA-2005:840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:867", "reference_id": "RHSA-2005:867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:868", "reference_id": "RHSA-2005:868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:878", "reference_id": "RHSA-2005:878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0160", "reference_id": "RHSA-2006:0160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0160" }, { "reference_url": "https://usn.ubuntu.com/227-1/", "reference_id": "USN-227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99856?format=api", "purl": "pkg:deb/debian/poppler@0.4.2-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.2-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-3191" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kvrd-wcyy-wugd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8578?format=api", "vulnerability_id": "VCID-m1sy-d3m6-57ct", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.49018", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48877", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.49014", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.49031", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013", "reference_id": "1013", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231510", "reference_id": "2231510", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231510" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html" }, { "reference_url": "https://usn.ubuntu.com/6299-1/", "reference_id": "USN-6299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99888?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99887?format=api", "purl": "pkg:deb/debian/poppler@22.08.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.08.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-36023" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m1sy-d3m6-57ct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177044?format=api", "vulnerability_id": "VCID-maks-dh3b-s3ar", "summary": "PDFKit and ImageKits are vulnerable to an integer overflow and a stack\n overflow allowing for the user-assisted execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3387.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25208", "scoring_system": "epss", "scoring_elements": "0.96315", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.25208", "scoring_system": "epss", "scoring_elements": "0.96326", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.25208", "scoring_system": "epss", "scoring_elements": "0.96328", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.25208", "scoring_system": "epss", "scoring_elements": "0.96331", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=248194", "reference_id": "248194", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=248194" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435460", "reference_id": "435460", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435460" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435462", "reference_id": "435462", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435462" }, { "reference_url": "https://security.gentoo.org/glsa/200709-12", "reference_id": "GLSA-200709-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200709-12" }, { "reference_url": "https://security.gentoo.org/glsa/200709-17", "reference_id": "GLSA-200709-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200709-17" }, { "reference_url": "https://security.gentoo.org/glsa/200710-08", "reference_id": "GLSA-200710-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-08" }, { "reference_url": "https://security.gentoo.org/glsa/200710-20", "reference_id": "GLSA-200710-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0720", "reference_id": "RHSA-2007:0720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0729", "reference_id": "RHSA-2007:0729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0730", "reference_id": "RHSA-2007:0730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0731", "reference_id": "RHSA-2007:0731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0732", "reference_id": "RHSA-2007:0732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0735", "reference_id": "RHSA-2007:0735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0735" }, { "reference_url": "https://usn.ubuntu.com/496-1/", "reference_id": "USN-496-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/496-1/" }, { "reference_url": "https://usn.ubuntu.com/496-2/", "reference_id": "USN-496-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/496-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99861?format=api", "purl": "pkg:deb/debian/poppler@0.5.4-6.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.5.4-6.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-3387" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-maks-dh3b-s3ar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5179?format=api", "vulnerability_id": "VCID-mnve-z78e-mud7", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51357", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51488", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51502", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51489", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649435", "reference_id": "1649435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649435" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177", "reference_id": "913177", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-19058" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mnve-z78e-mud7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4406?format=api", "vulnerability_id": "VCID-mpy8-4ptc-dybc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83428", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83488", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83497", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83494", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576169", "reference_id": "1576169", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3140", "reference_id": "RHSA-2018:3140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3140" }, { "reference_url": "https://usn.ubuntu.com/3647-1/", "reference_id": "USN-3647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99879?format=api", "purl": "pkg:deb/debian/poppler@0.38.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.38.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-10768" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mpy8-4ptc-dybc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6011?format=api", "vulnerability_id": "VCID-mun2-8cdg-v7gp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00788", "scoring_system": "epss", "scoring_elements": "0.74295", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00788", "scoring_system": "epss", "scoring_elements": "0.74368", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00788", "scoring_system": "epss", "scoring_elements": "0.74381", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00788", "scoring_system": "epss", "scoring_elements": "0.74378", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696637", "reference_id": "1696637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696637" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532", "reference_id": "926532", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99880?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-10873" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mun2-8cdg-v7gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176797?format=api", "vulnerability_id": "VCID-myqv-mjx7-67hj", "summary": "Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and\n Poppler potentially resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3193.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3193.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3193", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03031", "scoring_system": "epss", "scoring_elements": "0.8695", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03031", "scoring_system": "epss", "scoring_elements": "0.86996", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03031", "scoring_system": "epss", "scoring_elements": "0.87006", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03031", "scoring_system": "epss", "scoring_elements": "0.87002", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3193" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3193" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617798", "reference_id": "1617798", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617798" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281", "reference_id": "342281", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288", "reference_id": "342288", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288" }, { "reference_url": "https://security.gentoo.org/glsa/200512-08", "reference_id": "GLSA-200512-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200512-08" }, { "reference_url": "https://security.gentoo.org/glsa/200603-02", "reference_id": "GLSA-200603-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200603-02" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:840", "reference_id": "RHSA-2005:840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:867", "reference_id": "RHSA-2005:867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:868", "reference_id": "RHSA-2005:868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:878", "reference_id": "RHSA-2005:878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0160", "reference_id": "RHSA-2006:0160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0160" }, { "reference_url": "https://usn.ubuntu.com/227-1/", "reference_id": "USN-227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99856?format=api", "purl": "pkg:deb/debian/poppler@0.4.2-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.2-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-3193" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-myqv-mjx7-67hj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175938?format=api", "vulnerability_id": "VCID-n6qs-bdsw-xbfy", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0799.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0799.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.77024", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.77095", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.77108", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.77102", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495886", "reference_id": "495886", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495886" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0799" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n6qs-bdsw-xbfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6158?format=api", "vulnerability_id": "VCID-n7y1-g3qa-sbdm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56966", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.57086", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.571", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.57093", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850876", "reference_id": "1850876", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850876" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99879?format=api", "purl": "pkg:deb/debian/poppler@0.38.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.38.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-12360" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n7y1-g3qa-sbdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/197309?format=api", "vulnerability_id": "VCID-nt8m-vyh6-tfhm", "summary": "arbitrary code execution", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35702.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-35702.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35702", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63553", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63655", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63669", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63666", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-35702" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912912", "reference_id": "1912912", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1912912" }, { "reference_url": "https://security.archlinux.org/ASA-202101-3", "reference_id": "ASA-202101-3", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202101-3" }, { "reference_url": "https://security.archlinux.org/AVG-1382", "reference_id": "AVG-1382", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1382" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99871?format=api", "purl": "pkg:deb/debian/poppler@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-35702" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nt8m-vyh6-tfhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/200127?format=api", "vulnerability_id": "VCID-nuce-p2rd-4qg4", "summary": "xpdf and kpdf do not properly validate the \"loca\" table in PDF files, which allows local users to cause a denial of service (disk consumption and hang) via a PDF file with a \"broken\" loca table, which causes a large temporary file to be created when xpdf attempts to reconstruct the information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2097.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2097.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2097", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22026", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22217", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22228", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22205", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-2097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2097" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617684", "reference_id": "1617684", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617684" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322462", "reference_id": "322462", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322462" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324464", "reference_id": "324464", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=324464" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:670", "reference_id": "RHSA-2005:670", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:670" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:671", "reference_id": "RHSA-2005:671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:706", "reference_id": "RHSA-2005:706", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:706" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:708", "reference_id": "RHSA-2005:708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:708" }, { "reference_url": "https://usn.ubuntu.com/163-1/", "reference_id": "USN-163-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/163-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99852?format=api", "purl": "pkg:deb/debian/poppler@0.4.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-2097" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nuce-p2rd-4qg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/180393?format=api", "vulnerability_id": "VCID-nyvf-mkqj-suhv", "summary": "Poppler does not handle fonts inside PDF files safely, allowing for\n execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.92044", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.92071", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.92077", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.92074", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=441722", "reference_id": "441722", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=441722" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842", "reference_id": "476842", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842" }, { "reference_url": "https://security.gentoo.org/glsa/200804-18", "reference_id": "GLSA-200804-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0238", "reference_id": "RHSA-2008:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0238" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0239", "reference_id": "RHSA-2008:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0240", "reference_id": "RHSA-2008:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0262", "reference_id": "RHSA-2008:0262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0262" }, { "reference_url": "https://usn.ubuntu.com/603-1/", "reference_id": "USN-603-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/603-1/" }, { "reference_url": "https://usn.ubuntu.com/603-2/", "reference_id": "USN-603-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/603-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99863?format=api", "purl": "pkg:deb/debian/poppler@0.6.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.6.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-1693" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nyvf-mkqj-suhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175951?format=api", "vulnerability_id": "VCID-pf72-q669-a7ap", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3607.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3607.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91566", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91595", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91603", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.916", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924", "reference_id": "526924", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99866?format=api", "purl": "pkg:deb/debian/poppler@0.12.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3607" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pf72-q669-a7ap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6009?format=api", "vulnerability_id": "VCID-pfkd-2d3r-pubu", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10871", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70736", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70827", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70839", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70837", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696636", "reference_id": "1696636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696636" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529", "reference_id": "926529", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-10871" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pfkd-2d3r-pubu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183417?format=api", "vulnerability_id": "VCID-pus9-7td3-tqag", "summary": "Multiple vulnerabilities in Xpdf could result in execution of\n arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4035.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4035.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85529", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.8558", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85589", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85581", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614", "reference_id": "541614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614" }, { "reference_url": "https://security.gentoo.org/glsa/201402-17", "reference_id": "GLSA-201402-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1680", "reference_id": "RHSA-2009:1680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1681", "reference_id": "RHSA-2009:1681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1682", "reference_id": "RHSA-2009:1682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1682" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99868?format=api", "purl": "pkg:deb/debian/poppler@0.5.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.5.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-4035" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pus9-7td3-tqag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3311?format=api", "vulnerability_id": "VCID-px4h-3dp2-d7bz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.51166", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.51297", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.5131", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.51298", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578777", "reference_id": "1578777", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578777" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357", "reference_id": "898357", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3140", "reference_id": "RHSA-2018:3140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3140" }, { "reference_url": "https://usn.ubuntu.com/3647-1/", "reference_id": "USN-3647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99877?format=api", "purl": "pkg:deb/debian/poppler@0.69.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.69.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-18267" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-px4h-3dp2-d7bz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175939?format=api", "vulnerability_id": "VCID-pyx9-cgtr-4fhr", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0800.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0800.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92793", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92817", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.09785", "scoring_system": "epss", "scoring_elements": "0.93156", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.09785", "scoring_system": "epss", "scoring_elements": "0.93155", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887", "reference_id": "495887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0800" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pyx9-cgtr-4fhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5329?format=api", "vulnerability_id": "VCID-pzqd-5nqk-v3dv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54486", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54612", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54628", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665259", "reference_id": "1665259", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665259" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525", "reference_id": "917525", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3886-1/", "reference_id": "USN-3886-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3886-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99880?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20551" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pzqd-5nqk-v3dv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175934?format=api", "vulnerability_id": "VCID-q4wu-g376-7ffd", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0147.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05325", "scoring_system": "epss", "scoring_elements": "0.90261", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.05325", "scoring_system": "epss", "scoring_elements": "0.90291", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.05325", "scoring_system": "epss", "scoring_elements": "0.903", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.05325", "scoring_system": "epss", "scoring_elements": "0.90298", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614", "reference_id": "490614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/200904-20", "reference_id": "GLSA-200904-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200904-20" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0147" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4wu-g376-7ffd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175963?format=api", "vulnerability_id": "VCID-q6eh-bpcs-h7ga", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1790.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1790.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86399", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.8645", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.8646", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86458", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071", "reference_id": "702071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=917111", "reference_id": "917111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917111" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/1785-1/", "reference_id": "USN-1785-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1785-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99873?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1790" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6eh-bpcs-h7ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175940?format=api", "vulnerability_id": "VCID-qmrs-szxk-yqda", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1179.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1179.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96572", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96583", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.33789", "scoring_system": "epss", "scoring_elements": "0.97074", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.33789", "scoring_system": "epss", "scoring_elements": "0.97073", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889", "reference_id": "495889", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1179" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qmrs-szxk-yqda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5180?format=api", "vulnerability_id": "VCID-qyed-vat5-xkf5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3182", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32007", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32023", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32002", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19059" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649440", "reference_id": "1649440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649440" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180", "reference_id": "913180", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-19059" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qyed-vat5-xkf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4203?format=api", "vulnerability_id": "VCID-r9cm-ckgr-1bbb", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77915", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77983", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77996", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.7799", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458701", "reference_id": "1458701", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458701" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010", "reference_id": "864010", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99878?format=api", "purl": "pkg:deb/debian/poppler@0.57.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.57.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9406" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r9cm-ckgr-1bbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12259?format=api", "vulnerability_id": "VCID-rnag-2539-4fgv", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37051", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13971", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14093", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14091", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.14065", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234528", "reference_id": "2234528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234528" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99888?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99887?format=api", "purl": "pkg:deb/debian/poppler@22.08.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.08.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-37051" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rnag-2539-4fgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175962?format=api", "vulnerability_id": "VCID-saqq-yvut-fqd8", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1789.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1789.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1789", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02846", "scoring_system": "epss", "scoring_elements": "0.86537", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02846", "scoring_system": "epss", "scoring_elements": "0.86587", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02846", "scoring_system": "epss", "scoring_elements": "0.86597", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02846", "scoring_system": "epss", "scoring_elements": "0.86594", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1789" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=917109", "reference_id": "917109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917109" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/1785-1/", "reference_id": "USN-1785-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1785-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99871?format=api", "purl": "pkg:deb/debian/poppler@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-1789" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-saqq-yvut-fqd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25325?format=api", "vulnerability_id": "VCID-shnf-n27k-zue6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43718.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43718.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43718", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0102", "published_at": "2026-06-14T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.01012", "published_at": "2026-06-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0101", "published_at": "2026-06-12T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.01016", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43718" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117046", "reference_id": "1117046", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117046" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400893", "reference_id": "2400893", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400893" }, { "reference_url": "https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-43718.md", "reference_id": "CVE-2025-43718.md", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:15:35Z/" } ], "url": "https://github.com/ShadowByte1/CVE-Reports/blob/main/CVE-2025-43718.md" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/f54b815672117c250420787c8c006de98e8c7408", "reference_id": "f54b815672117c250420787c8c006de98e8c7408", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-01T19:15:35Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/f54b815672117c250420787c8c006de98e8c7408" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:7364", "reference_id": "RHSA-2026:7364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:7364" }, { "reference_url": "https://usn.ubuntu.com/7803-1/", "reference_id": "USN-7803-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7803-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99895?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99897?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99896?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-10?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-10%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-43718" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-shnf-n27k-zue6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175957?format=api", "vulnerability_id": "VCID-spcn-1gwj-j7e7", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3704.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01202", "scoring_system": "epss", "scoring_elements": "0.79411", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01202", "scoring_system": "epss", "scoring_elements": "0.79407", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.01262", "scoring_system": "epss", "scoring_elements": "0.79844", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01262", "scoring_system": "epss", "scoring_elements": "0.79908", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165", "reference_id": "599165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960", "reference_id": "638960", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://security.gentoo.org/glsa/201402-17", "reference_id": "GLSA-201402-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0749", "reference_id": "RHSA-2010:0749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0751", "reference_id": "RHSA-2010:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0752", "reference_id": "RHSA-2010:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0753", "reference_id": "RHSA-2010:0753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0859", "reference_id": "RHSA-2010:0859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1201", "reference_id": "RHSA-2012:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1201" }, { "reference_url": "https://usn.ubuntu.com/1005-1/", "reference_id": "USN-1005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99870?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-3704" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-spcn-1gwj-j7e7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175958?format=api", "vulnerability_id": "VCID-spsd-65hy-f3b1", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.74171", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.74246", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.74258", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.74256", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4653" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=672165", "reference_id": "672165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=672165" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99869?format=api", "purl": "pkg:deb/debian/poppler@0.16.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.16.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-4653" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-spsd-65hy-f3b1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175933?format=api", "vulnerability_id": "VCID-st7p-3r2b-bqgp", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0146.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0146.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87413", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87457", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87462", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.0325", "scoring_system": "epss", "scoring_elements": "0.87459", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=490612", "reference_id": "490612", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490612" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/200904-20", "reference_id": "GLSA-200904-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200904-20" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0146" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-st7p-3r2b-bqgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/11731?format=api", "vulnerability_id": "VCID-svtr-aw82-xqh8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27337", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47032", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47173", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.47188", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.4717", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695", "reference_id": "1010695", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087190", "reference_id": "2087190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087190" }, { "reference_url": "https://security.archlinux.org/AVG-2812", "reference_id": "AVG-2812", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2812" }, { "reference_url": "https://security.gentoo.org/glsa/202509-01", "reference_id": "GLSA-202509-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7594", "reference_id": "RHSA-2022:7594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8151", "reference_id": "RHSA-2022:8151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8151" }, { "reference_url": "https://usn.ubuntu.com/6273-1/", "reference_id": "USN-6273-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6273-1/" }, { "reference_url": "https://usn.ubuntu.com/7687-1/", "reference_id": "USN-7687-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7687-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99887?format=api", "purl": "pkg:deb/debian/poppler@22.08.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.08.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-27337" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-svtr-aw82-xqh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8579?format=api", "vulnerability_id": "VCID-t3h5-jru9-abfa", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27615", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27403", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27605", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27631", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016", "reference_id": "1016", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231520", "reference_id": "2231520", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231520" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2979", "reference_id": "RHSA-2024:2979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2979" }, { "reference_url": "https://usn.ubuntu.com/6299-1/", "reference_id": "USN-6299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99888?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99887?format=api", "purl": "pkg:deb/debian/poppler@22.08.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.08.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-36024" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t3h5-jru9-abfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175948?format=api", "vulnerability_id": "VCID-tw79-8bxc-eyb8", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3604", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91973", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.92001", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.92008", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.92005", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911", "reference_id": "526911", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1500", "reference_id": "RHSA-2009:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1503", "reference_id": "RHSA-2009:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1512", "reference_id": "RHSA-2009:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1512" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99866?format=api", "purl": "pkg:deb/debian/poppler@0.12.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3604" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tw79-8bxc-eyb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176796?format=api", "vulnerability_id": "VCID-u7rb-fd7b-yyfr", "summary": "Multiple vulnerabilities have been discovered in Xpdf, GPdf, CUPS and\n Poppler potentially resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3192.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3192.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12279", "scoring_system": "epss", "scoring_elements": "0.94021", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.12279", "scoring_system": "epss", "scoring_elements": "0.94041", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.12279", "scoring_system": "epss", "scoring_elements": "0.94046", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.12279", "scoring_system": "epss", "scoring_elements": "0.94048", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3192" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617797", "reference_id": "1617797", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617797" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281", "reference_id": "342281", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342281" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288", "reference_id": "342288", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=342288" }, { "reference_url": "https://security.gentoo.org/glsa/200512-08", "reference_id": "GLSA-200512-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200512-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:840", "reference_id": "RHSA-2005:840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:867", "reference_id": "RHSA-2005:867", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:867" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:868", "reference_id": "RHSA-2005:868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:878", "reference_id": "RHSA-2005:878", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:878" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0160", "reference_id": "RHSA-2006:0160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0160" }, { "reference_url": "https://usn.ubuntu.com/227-1/", "reference_id": "USN-227-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/227-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99857?format=api", "purl": "pkg:deb/debian/poppler@0.4.3-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.3-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-3192" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7rb-fd7b-yyfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/5189?format=api", "vulnerability_id": "VCID-u8sm-e6tq-3ye6", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49813", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49949", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49968", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49955", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649457", "reference_id": "1649457", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649457" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600", "reference_id": "914600", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600" }, { "reference_url": "https://security.gentoo.org/glsa/201904-04", "reference_id": "GLSA-201904-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201904-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" }, { "reference_url": "https://usn.ubuntu.com/3837-2/", "reference_id": "USN-3837-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99882?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-19149" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8sm-e6tq-3ye6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/201385?format=api", "vulnerability_id": "VCID-upj3-4jjw-17aj", "summary": "The FormWidgetChoice::loadDefaults function in Poppler before 0.10.4 allows remote attackers to cause a denial of service (crash) via a PDF file with an invalid Form Opt entry.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0755.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0755.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.24435", "scoring_system": "epss", "scoring_elements": "0.96232", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.24435", "scoring_system": "epss", "scoring_elements": "0.96243", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.24435", "scoring_system": "epss", "scoring_elements": "0.96246", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.24435", "scoring_system": "epss", "scoring_elements": "0.96248", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=488337", "reference_id": "488337", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488337" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518478", "reference_id": "518478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518478" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32800.txt", "reference_id": "CVE-2009-0756;OSVDB-51914;CVE-2009-0755", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32800.txt" }, { "reference_url": "https://www.securityfocus.com/bid/33749/info", "reference_id": "CVE-2009-0756;OSVDB-51914;CVE-2009-0755", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/33749/info" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-0755" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-upj3-4jjw-17aj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/183738?format=api", "vulnerability_id": "VCID-ur8e-4qa4-vygj", "summary": "Multiple vulnerabilities have been found in Poppler, allowing\n remote attackers to execute arbitrary code or cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4473.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4473.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.85017", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.85069", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.85078", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.85071", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4473" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024753", "reference_id": "1024753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024753" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064", "reference_id": "729064", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064" }, { "reference_url": "https://security.gentoo.org/glsa/201401-21", "reference_id": "GLSA-201401-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-21" }, { "reference_url": "https://usn.ubuntu.com/2958-1/", "reference_id": "USN-2958-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2958-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99874?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-9?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-9%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-4473" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ur8e-4qa4-vygj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2992?format=api", "vulnerability_id": "VCID-urt2-gtfb-aqh8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78415", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78482", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78497", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78494", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500344", "reference_id": "1500344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500344" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952", "reference_id": "877952", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14977" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-urt2-gtfb-aqh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15579?format=api", "vulnerability_id": "VCID-uyum-42ua-yqgk", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34872.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34872.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34872", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.38991", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39178", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39186", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39162", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34872" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042811", "reference_id": "1042811", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042811" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399", "reference_id": "1399", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1399" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227884", "reference_id": "2227884", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2227884" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I/", "reference_id": "3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3XXL3L6RJOTLGCN7GLH2OLLNF4FJ4T7I/" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe", "reference_id": "591235c8b6c65a2eee88991b9ae73490fd9afdfe", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/591235c8b6c65a2eee88991b9ae73490fd9afdfe" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ3NYJ43U2MA7COKGMJDARZUAAOP45D4/", "reference_id": "JQ3NYJ43U2MA7COKGMJDARZUAAOP45D4", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ3NYJ43U2MA7COKGMJDARZUAAOP45D4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFBT75QHBWNMSDAHSXZQ2I3PBJWID36K/", "reference_id": "SFBT75QHBWNMSDAHSXZQ2I3PBJWID36K", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SFBT75QHBWNMSDAHSXZQ2I3PBJWID36K/" }, { "reference_url": "https://usn.ubuntu.com/6273-1/", "reference_id": "USN-6273-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6273-1/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3H3GOWFE3C7543GMEN7LY4GWMWJ7D2G/", "reference_id": "W3H3GOWFE3C7543GMEN7LY4GWMWJ7D2G", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-09T13:46:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3H3GOWFE3C7543GMEN7LY4GWMWJ7D2G/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99871?format=api", "purl": "pkg:deb/debian/poppler@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99891?format=api", "purl": "pkg:deb/debian/poppler@24.02.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@24.02.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-34872" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uyum-42ua-yqgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/181856?format=api", "vulnerability_id": "VCID-v23j-xjam-gqgh", "summary": "Poppler is affected by a memory management issue, which could lead to the\n execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2950.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.94034", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.94054", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.9406", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.94063", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=454277", "reference_id": "454277", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=454277" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489756", "reference_id": "489756", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489756" }, { "reference_url": "https://security.gentoo.org/glsa/200807-04", "reference_id": "GLSA-200807-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200807-04" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/6032.py", "reference_id": "OSVDB-46806;CVE-2008-2950", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/6032.py" }, { "reference_url": "https://usn.ubuntu.com/631-1/", "reference_id": "USN-631-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/631-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99864?format=api", "purl": "pkg:deb/debian/poppler@0.8.4-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.8.4-1.1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2008-2950" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v23j-xjam-gqgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/181257?format=api", "vulnerability_id": "VCID-vacp-4vnh-1qgh", "summary": "KPdf and KWord both include vulnerable Xpdf code to handle PDF files,\n making them vulnerable to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3624.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-3624.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3624", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07223", "scoring_system": "epss", "scoring_elements": "0.91806", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.07223", "scoring_system": "epss", "scoring_elements": "0.91833", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.07223", "scoring_system": "epss", "scoring_elements": "0.91842", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.07223", "scoring_system": "epss", "scoring_elements": "0.91838", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2005-3624" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3624" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617826", "reference_id": "1617826", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617826" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076", "reference_id": "346076", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=346076" }, { "reference_url": "https://security.gentoo.org/glsa/200601-02", "reference_id": "GLSA-200601-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200601-02" }, { "reference_url": "https://security.gentoo.org/glsa/200601-17", "reference_id": "GLSA-200601-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200601-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:840", "reference_id": "RHSA-2005:840", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:840" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2005:868", "reference_id": "RHSA-2005:868", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2005:868" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0160", "reference_id": "RHSA-2006:0160", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0160" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0163", "reference_id": "RHSA-2006:0163", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0177", "reference_id": "RHSA-2006:0177", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0177" }, { "reference_url": "https://usn.ubuntu.com/236-1/", "reference_id": "USN-236-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/236-1/" }, { "reference_url": "https://usn.ubuntu.com/236-2/", "reference_id": "USN-236-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/236-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99858?format=api", "purl": "pkg:deb/debian/poppler@0.4.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2005-3624" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vacp-4vnh-1qgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2991?format=api", "vulnerability_id": "VCID-vba5-mmhj-5ydt", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.78376", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.78443", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.78458", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.78454", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500345", "reference_id": "1500345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500345" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954", "reference_id": "877954", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3517-1/", "reference_id": "USN-3517-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3517-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14976" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vba5-mmhj-5ydt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175950?format=api", "vulnerability_id": "VCID-wh95-wp75-43a8", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3606.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3606.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89696", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.8973", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.05037", "scoring_system": "epss", "scoring_elements": "0.9001", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.05037", "scoring_system": "epss", "scoring_elements": "0.90008", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877", "reference_id": "526877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1500", "reference_id": "RHSA-2009:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99866?format=api", "purl": "pkg:deb/debian/poppler@0.12.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3606" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wh95-wp75-43a8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/185544?format=api", "vulnerability_id": "VCID-wrr1-g4pm-57am", "summary": "Poppler and various KDE components are vulnerable to multiple memory\n management issues possibly resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4352.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4352.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25229", "scoring_system": "epss", "scoring_elements": "0.96317", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.25229", "scoring_system": "epss", "scoring_elements": "0.96328", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.25229", "scoring_system": "epss", "scoring_elements": "0.9633", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.25229", "scoring_system": "epss", "scoring_elements": "0.96333", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=345101", "reference_id": "345101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=345101" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628", "reference_id": "450628", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629", "reference_id": "450629", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629" }, { "reference_url": "https://security.gentoo.org/glsa/200711-22", "reference_id": "GLSA-200711-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1021", "reference_id": "RHSA-2007:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1022", "reference_id": "RHSA-2007:1022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1024", "reference_id": "RHSA-2007:1024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1025", "reference_id": "RHSA-2007:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1026", "reference_id": "RHSA-2007:1026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1027", "reference_id": "RHSA-2007:1027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1029", "reference_id": "RHSA-2007:1029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1030", "reference_id": "RHSA-2007:1030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1030" }, { "reference_url": "https://usn.ubuntu.com/542-1/", "reference_id": "USN-542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-1/" }, { "reference_url": "https://usn.ubuntu.com/542-2/", "reference_id": "USN-542-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99862?format=api", "purl": "pkg:deb/debian/poppler@0.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.6.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-4352" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wrr1-g4pm-57am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23516?format=api", "vulnerability_id": "VCID-x4en-273f-muhm", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32365", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20621", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20443", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2062", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20642", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191", "reference_id": "1102191", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577", "reference_id": "1577", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792", "reference_id": "1792", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357656", "reference_id": "2357656", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0126", "reference_id": "RHSA-2026:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0128", "reference_id": "RHSA-2026:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0130", "reference_id": "RHSA-2026:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0772", "reference_id": "RHSA-2026:0772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0773", "reference_id": "RHSA-2026:0773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0774", "reference_id": "RHSA-2026:0774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0795", "reference_id": "RHSA-2026:0795", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0795" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0796", "reference_id": "RHSA-2026:0796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0797", "reference_id": "RHSA-2026:0797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0799", "reference_id": "RHSA-2026:0799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1090", "reference_id": "RHSA-2026:1090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1091", "reference_id": "RHSA-2026:1091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1091" }, { "reference_url": "https://usn.ubuntu.com/7426-1/", "reference_id": "USN-7426-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-1/" }, { "reference_url": "https://usn.ubuntu.com/7426-2/", "reference_id": "USN-7426-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99888?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99894?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-32365" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x4en-273f-muhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8126?format=api", "vulnerability_id": "VCID-xm2y-huxv-8bcn", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53871", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.53997", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.54014", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00301", "scoring_system": "epss", "scoring_elements": "0.54", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23804" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234526", "reference_id": "2234526", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234526" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99886?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-23804" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xm2y-huxv-8bcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8405?format=api", "vulnerability_id": "VCID-xsuh-8xa4-zqcw", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.7861", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78693", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01116", "scoring_system": "epss", "scoring_elements": "0.78689", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900712", "reference_id": "1900712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1881", "reference_id": "RHSA-2021:1881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1881" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-27778" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xsuh-8xa4-zqcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175942?format=api", "vulnerability_id": "VCID-y5se-1pkh-dfcb", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1181.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1181.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1181", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85481", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85533", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85542", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85535", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894", "reference_id": "495894", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1181" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y5se-1pkh-dfcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175944?format=api", "vulnerability_id": "VCID-ya2n-b2hz-n7dd", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1183.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1183.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82712", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82774", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82781", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82777", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899", "reference_id": "495899", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1183" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ya2n-b2hz-n7dd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158153?format=api", "vulnerability_id": "VCID-ybjx-et42-wqae", "summary": "xpdfreader 4.03 is vulnerable to Buffer Overflow.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40226", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.6744", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67531", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67544", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00526", "scoring_system": "epss", "scoring_elements": "0.67542", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40226" }, { "reference_url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=42185", "reference_id": "viewtopic.php?f=3&t=42185", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-01T17:56:37Z/" } ], "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=42185" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99871?format=api", "purl": "pkg:deb/debian/poppler@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-40226" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ybjx-et42-wqae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177647?format=api", "vulnerability_id": "VCID-yggq-aec9-9yg3", "summary": "Multiple vulnerabilities have been discovered in T1Lib, the worst\n of which could lead to remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0764.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0764.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.28735", "scoring_system": "epss", "scoring_elements": "0.96654", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.28735", "scoring_system": "epss", "scoring_elements": "0.96665", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.28735", "scoring_system": "epss", "scoring_elements": "0.96666", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.28735", "scoring_system": "epss", "scoring_elements": "0.96668", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-0764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0764" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=692909", "reference_id": "692909", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692909" }, { "reference_url": "https://security.gentoo.org/glsa/201701-57", "reference_id": "GLSA-201701-57", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-57" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0062", "reference_id": "RHSA-2012:0062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0137", "reference_id": "RHSA-2012:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1201", "reference_id": "RHSA-2012:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1201" }, { "reference_url": "https://usn.ubuntu.com/1316-1/", "reference_id": "USN-1316-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1316-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99871?format=api", "purl": "pkg:deb/debian/poppler@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-0764" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yggq-aec9-9yg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2951?format=api", "vulnerability_id": "VCID-yhch-kybj-gyak", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50897", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.5103", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.51045", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.51032", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499163", "reference_id": "1499163", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499163" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082", "reference_id": "876082", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-14518" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yhch-kybj-gyak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175955?format=api", "vulnerability_id": "VCID-yjj4-6g7g-6ueu", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3702.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3702.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3702", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0763", "scoring_system": "epss", "scoring_elements": "0.92061", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0763", "scoring_system": "epss", "scoring_elements": "0.92088", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.09179", "scoring_system": "epss", "scoring_elements": "0.92902", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.09179", "scoring_system": "epss", "scoring_elements": "0.92903", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245", "reference_id": "595245", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165", "reference_id": "599165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://security.gentoo.org/glsa/201402-17", "reference_id": "GLSA-201402-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0749", "reference_id": "RHSA-2010:0749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0750", "reference_id": "RHSA-2010:0750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0751", "reference_id": "RHSA-2010:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0752", "reference_id": "RHSA-2010:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0753", "reference_id": "RHSA-2010:0753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0754", "reference_id": "RHSA-2010:0754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0755", "reference_id": "RHSA-2010:0755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0859", "reference_id": "RHSA-2010:0859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1201", "reference_id": "RHSA-2012:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1201" }, { "reference_url": "https://usn.ubuntu.com/1005-1/", "reference_id": "USN-1005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99870?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-3702" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yjj4-6g7g-6ueu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177650?format=api", "vulnerability_id": "VCID-yt8e-94rc-g7hw", "summary": "Multiple vulnerabilities have been discovered in T1Lib, the worst\n of which could lead to remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1554.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1554.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1554", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04256", "scoring_system": "epss", "scoring_elements": "0.89055", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.04256", "scoring_system": "epss", "scoring_elements": "0.89093", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.04256", "scoring_system": "epss", "scoring_elements": "0.89101", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1554" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1554" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=692856", "reference_id": "692856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692856" }, { "reference_url": "https://security.gentoo.org/glsa/201701-57", "reference_id": "GLSA-201701-57", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-57" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0062", "reference_id": "RHSA-2012:0062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0137", "reference_id": "RHSA-2012:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1201", "reference_id": "RHSA-2012:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1201" }, { "reference_url": "https://usn.ubuntu.com/1335-1/", "reference_id": "USN-1335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1335-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99871?format=api", "purl": "pkg:deb/debian/poppler@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1554" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yt8e-94rc-g7hw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6027?format=api", "vulnerability_id": "VCID-z3fb-y3dq-u3b5", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.67038", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.6713", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.67144", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1699862", "reference_id": "1699862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1699862" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721", "reference_id": "926721", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99881?format=api", "purl": "pkg:deb/debian/poppler@0.85.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.85.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11026" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3fb-y3dq-u3b5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/177649?format=api", "vulnerability_id": "VCID-z72y-7nh4-dkfh", "summary": "Multiple vulnerabilities have been discovered in T1Lib, the worst\n of which could lead to remote execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1553.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1553.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1553", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03179", "scoring_system": "epss", "scoring_elements": "0.87245", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03179", "scoring_system": "epss", "scoring_elements": "0.8729", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03179", "scoring_system": "epss", "scoring_elements": "0.87297", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03179", "scoring_system": "epss", "scoring_elements": "0.87294", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1553" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=692854", "reference_id": "692854", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=692854" }, { "reference_url": "https://security.gentoo.org/glsa/201701-57", "reference_id": "GLSA-201701-57", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201701-57" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0062", "reference_id": "RHSA-2012:0062", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0062" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0137", "reference_id": "RHSA-2012:0137", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0137" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1201", "reference_id": "RHSA-2012:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1201" }, { "reference_url": "https://usn.ubuntu.com/1335-1/", "reference_id": "USN-1335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1335-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99871?format=api", "purl": "pkg:deb/debian/poppler@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1553" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z72y-7nh4-dkfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/12260?format=api", "vulnerability_id": "VCID-zdqq-kwrc-sbfs", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08047", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08082", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08078", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278", "reference_id": "1278", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234530", "reference_id": "2234530", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234530" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c", "reference_id": "8677500399fc2548fa816b619580c2c07915a98c", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99888?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99887?format=api", "purl": "pkg:deb/debian/poppler@22.08.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.08.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-37052" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zdqq-kwrc-sbfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175947?format=api", "vulnerability_id": "VCID-zkb3-cjh3-pqew", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3603.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3603.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.91123", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.91155", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.91161", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.9116", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915", "reference_id": "526915", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1504", "reference_id": "RHSA-2009:1504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1504" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99866?format=api", "purl": "pkg:deb/debian/poppler@0.12.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-3603" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkb3-cjh3-pqew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/181426?format=api", "vulnerability_id": "VCID-zkqh-4s2u-87ha", "summary": "KPdf includes vulnerable Xpdf code to handle PDF files, making it\n vulnerable to the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0301.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0301.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03084", "scoring_system": "epss", "scoring_elements": "0.87065", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.03084", "scoring_system": "epss", "scoring_elements": "0.87111", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.03084", "scoring_system": "epss", "scoring_elements": "0.8712", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.03084", "scoring_system": "epss", "scoring_elements": "0.87117", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-0301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0301" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617882", "reference_id": "1617882", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1617882" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350785", "reference_id": "350785", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=350785" }, { "reference_url": "https://security.gentoo.org/glsa/200602-04", "reference_id": "GLSA-200602-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200602-04" }, { "reference_url": "https://security.gentoo.org/glsa/200602-05", "reference_id": "GLSA-200602-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200602-05" }, { "reference_url": "https://security.gentoo.org/glsa/200602-12", "reference_id": "GLSA-200602-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200602-12" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0201", "reference_id": "RHSA-2006:0201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0201" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0206", "reference_id": "RHSA-2006:0206", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0206" }, { "reference_url": "https://usn.ubuntu.com/249-1/", "reference_id": "USN-249-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/249-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99859?format=api", "purl": "pkg:deb/debian/poppler@0.4.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-0301" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkqh-4s2u-87ha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/185546?format=api", "vulnerability_id": "VCID-zmkr-y4ax-9ffc", "summary": "Poppler and various KDE components are vulnerable to multiple memory\n management issues possibly resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5393.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5393.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14085", "scoring_system": "epss", "scoring_elements": "0.94518", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.14085", "scoring_system": "epss", "scoring_elements": "0.94537", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.14085", "scoring_system": "epss", "scoring_elements": "0.94544", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5393" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=345121", "reference_id": "345121", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=345121" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628", "reference_id": "450628", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629", "reference_id": "450629", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629" }, { "reference_url": "https://security.gentoo.org/glsa/200711-22", "reference_id": "GLSA-200711-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1021", "reference_id": "RHSA-2007:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1022", "reference_id": "RHSA-2007:1022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1023", "reference_id": "RHSA-2007:1023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1024", "reference_id": "RHSA-2007:1024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1025", "reference_id": "RHSA-2007:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1026", "reference_id": "RHSA-2007:1026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1027", "reference_id": "RHSA-2007:1027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1028", "reference_id": "RHSA-2007:1028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1029", "reference_id": "RHSA-2007:1029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1030", "reference_id": "RHSA-2007:1030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1031", "reference_id": "RHSA-2007:1031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1051", "reference_id": "RHSA-2007:1051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1051" }, { "reference_url": "https://usn.ubuntu.com/542-1/", "reference_id": "USN-542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-1/" }, { "reference_url": "https://usn.ubuntu.com/542-2/", "reference_id": "USN-542-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99862?format=api", "purl": "pkg:deb/debian/poppler@0.6.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.6.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-5393" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zmkr-y4ax-9ffc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/175945?format=api", "vulnerability_id": "VCID-zq6f-8sc9-mubd", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1187.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1187.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.9742", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97429", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97431", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97432", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1187" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495906", "reference_id": "495906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99865?format=api", "purl": "pkg:deb/debian/poppler@0.10.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.10.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2009-1187" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zq6f-8sc9-mubd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2326?format=api", "vulnerability_id": "VCID-zqst-cujq-3ybc", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72923", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.73001", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.73016", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.73014", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531382", "reference_id": "1531382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531382" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3517-1/", "reference_id": "USN-3517-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3517-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/99876?format=api", "purl": "pkg:deb/debian/poppler@0.61.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.61.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99853?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2c88-4eqr-13hz" }, { "vulnerability": "VCID-987a-aay7-m3gv" }, { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-shnf-n27k-zue6" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99851?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-cv4u-nbcu-s7fa" }, { "vulnerability": "VCID-v1aa-5adk-c7db" }, { "vulnerability": "VCID-wxga-ac2q-5yfk" }, { "vulnerability": "VCID-yyqx-rr9p-u3f3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99855?format=api", "purl": "pkg:deb/debian/poppler@25.03.0-5%2Bdeb13u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@25.03.0-5%252Bdeb13u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/99854?format=api", "purl": "pkg:deb/debian/poppler@26.01.0-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@26.01.0-5%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-1000456" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqst-cujq-3ybc" } ], "risk_score": "3.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1%3Fdistro=trixie" }