{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/36549?format=json","vulnerability_id":"VCID-a2tx-5gg2-ebak","summary":"Multiple vulnerabilities have been found in Pango, the worst of\n    which allow execution of arbitrary code or Denial of Service.","aliases":[{"alias":"CVE-2011-0020"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934428?format=json","purl":"pkg:deb/debian/pango1.0@1.28.3-1%2Bsqueeze1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.28.3-1%252Bsqueeze1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1037937?format=json","purl":"pkg:deb/debian/pango1.0@1.28.3-1%2Bsqueeze2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dzpc-cu9r-cfam"},{"vulnerability":"VCID-j9wd-5mav-47cx"},{"vulnerability":"VCID-pjvc-337r-nucz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.28.3-1%252Bsqueeze2"},{"url":"http://public2.vulnerablecode.io/api/packages/934423?format=json","purl":"pkg:deb/debian/pango1.0@1.46.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.46.2-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934421?format=json","purl":"pkg:deb/debian/pango1.0@1.50.12%2Bds-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.50.12%252Bds-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934426?format=json","purl":"pkg:deb/debian/pango1.0@1.56.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.56.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934424?format=json","purl":"pkg:deb/debian/pango1.0@1.57.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.57.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934425?format=json","purl":"pkg:deb/debian/pango1.0@1.57.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.57.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1066839?format=json","purl":"pkg:deb/debian/pango1.0@1.57.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.57.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/74494?format=json","purl":"pkg:ebuild/x11-libs/pango@1.28.3-r1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/x11-libs/pango@1.28.3-r1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037932?format=json","purl":"pkg:deb/debian/pango1.0@1.0.1-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a2tx-5gg2-ebak"},{"vulnerability":"VCID-aq8b-jdtz-sua5"},{"vulnerability":"VCID-dzpc-cu9r-cfam"},{"vulnerability":"VCID-j9wd-5mav-47cx"},{"vulnerability":"VCID-pjvc-337r-nucz"},{"vulnerability":"VCID-pwrz-qmw8-3qgq"},{"vulnerability":"VCID-wgkb-c5ny-pfg5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.0.1-3"},{"url":"http://public2.vulnerablecode.io/api/packages/1037933?format=json","purl":"pkg:deb/debian/pango1.0@1.8.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a2tx-5gg2-ebak"},{"vulnerability":"VCID-aq8b-jdtz-sua5"},{"vulnerability":"VCID-dzpc-cu9r-cfam"},{"vulnerability":"VCID-j9wd-5mav-47cx"},{"vulnerability":"VCID-pjvc-337r-nucz"},{"vulnerability":"VCID-pwrz-qmw8-3qgq"},{"vulnerability":"VCID-wgkb-c5ny-pfg5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.8.1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1037934?format=json","purl":"pkg:deb/debian/pango1.0@1.14.8-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a2tx-5gg2-ebak"},{"vulnerability":"VCID-aq8b-jdtz-sua5"},{"vulnerability":"VCID-dzpc-cu9r-cfam"},{"vulnerability":"VCID-j9wd-5mav-47cx"},{"vulnerability":"VCID-pjvc-337r-nucz"},{"vulnerability":"VCID-pwrz-qmw8-3qgq"},{"vulnerability":"VCID-wgkb-c5ny-pfg5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.14.8-5"},{"url":"http://public2.vulnerablecode.io/api/packages/1037935?format=json","purl":"pkg:deb/debian/pango1.0@1.14.8-5%2Betch1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a2tx-5gg2-ebak"},{"vulnerability":"VCID-aq8b-jdtz-sua5"},{"vulnerability":"VCID-dzpc-cu9r-cfam"},{"vulnerability":"VCID-j9wd-5mav-47cx"},{"vulnerability":"VCID-pjvc-337r-nucz"},{"vulnerability":"VCID-pwrz-qmw8-3qgq"},{"vulnerability":"VCID-wgkb-c5ny-pfg5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.14.8-5%252Betch1"},{"url":"http://public2.vulnerablecode.io/api/packages/1037936?format=json","purl":"pkg:deb/debian/pango1.0@1.20.5-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a2tx-5gg2-ebak"},{"vulnerability":"VCID-aq8b-jdtz-sua5"},{"vulnerability":"VCID-dzpc-cu9r-cfam"},{"vulnerability":"VCID-j9wd-5mav-47cx"},{"vulnerability":"VCID-pjvc-337r-nucz"},{"vulnerability":"VCID-pwrz-qmw8-3qgq"},{"vulnerability":"VCID-wgkb-c5ny-pfg5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pango1.0@1.20.5-6"},{"url":"http://public2.vulnerablecode.io/api/packages/127406?format=json","purl":"pkg:rpm/redhat/evolution28-pango@1.14.9-13?arch=el4_10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a2tx-5gg2-ebak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/evolution28-pango@1.14.9-13%3Farch=el4_10"},{"url":"http://public2.vulnerablecode.io/api/packages/127404?format=json","purl":"pkg:rpm/redhat/pango@1.14.9-8.el5_6?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a2tx-5gg2-ebak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/pango@1.14.9-8.el5_6%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/127405?format=json","purl":"pkg:rpm/redhat/pango@1.28.1-3.el6_0?arch=3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-a2tx-5gg2-ebak"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/pango@1.28.1-3.el6_0%3Farch=3"}],"references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/18/6","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/18/6"},{"reference_url":"http://openwall.com/lists/oss-security/2011/01/20/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2011/01/20/2"},{"reference_url":"http://osvdb.org/70596","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/70596"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0020.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0020","reference_id":"","reference_type":"","scores":[{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90429","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90366","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90368","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90381","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90385","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90399","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90405","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90413","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90406","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90422","published_at":"2026-04-16T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90421","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90419","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90433","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05692","scoring_system":"epss","scoring_elements":"0.90432","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0020"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/pango1.0/+bug/696616","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.launchpad.net/ubuntu/+source/pango1.0/+bug/696616"},{"reference_url":"https://bugzilla.gnome.org/show_bug.cgi?id=639882","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.gnome.org/show_bug.cgi?id=639882"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0020"},{"reference_url":"http://secunia.com/advisories/42934","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/42934"},{"reference_url":"http://secunia.com/advisories/43100","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43100"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64832","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/64832"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0180.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0180.html"},{"reference_url":"http://www.securityfocus.com/bid/45842","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/45842"},{"reference_url":"http://www.securitytracker.com/id?1024994","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id?1024994"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0186","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0186"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0238","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0238"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610792","reference_id":"610792","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610792"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=671122","reference_id":"671122","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=671122"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:pango:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnome:pango:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:pango:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:pango:1.28.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnome:pango:1.28.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:pango:1.28.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:pango:1.28.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnome:pango:1.28.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:pango:1.28.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:pango:1.28.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnome:pango:1.28.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:pango:1.28.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:0.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:0.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:0.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:0.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:0.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:0.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:0.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:0.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.17:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.17:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.17:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.18:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.18:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.18:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.19:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.19:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.19:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.27:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.27:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.27:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:pango:pango:1.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:pango:pango:1.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0020","reference_id":"CVE-2011-0020","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0020"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35232.txt","reference_id":"CVE-2011-0020;OSVDB-70596","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/35232.txt"},{"reference_url":"https://www.securityfocus.com/bid/45842/info","reference_id":"CVE-2011-0020;OSVDB-70596","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/45842/info"},{"reference_url":"https://security.gentoo.org/glsa/201405-13","reference_id":"GLSA-201405-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0180","reference_id":"RHSA-2011:0180","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0180"},{"reference_url":"https://usn.ubuntu.com/1082-1/","reference_id":"USN-1082-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1082-1/"}],"weaknesses":[{"cwe_id":122,"name":"Heap-based Buffer Overflow","description":"A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc()."},{"cwe_id":119,"name":"Improper Restriction of Operations within the Bounds of a Memory Buffer","description":"The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer."}],"exploits":[{"date_added":"2011-01-18","description":"Pango Font Parsing - 'pangoft2-render.c' Heap Corruption","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2011-01-18","exploit_type":"remote","platform":"linux","source_date_updated":"2014-11-14","data_source":"Exploit-DB","source_url":"https://www.securityfocus.com/bid/45842/info"}],"severity_range_score":"7.6 - 7.6","exploitability":"2.0","weighted_severity":"6.8","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a2tx-5gg2-ebak"}