{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/595?format=json","vulnerability_id":"VCID-e7y9-a7eb-23c1","summary":"Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp.","aliases":[{"alias":"CVE-2018-11531"},{"alias":"PYSEC-2018-130"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://github.com/Exiv2/exiv2/issues/283","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://github.com/Exiv2/exiv2/issues/283"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://lists.debian.org/debian-lts-announce/2018/06/msg00010.html"},{"reference_url":"https://security.gentoo.org/glsa/201811-14","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://security.gentoo.org/glsa/201811-14"},{"reference_url":"https://usn.ubuntu.com/3700-1/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://usn.ubuntu.com/3700-1/"},{"reference_url":"https://www.debian.org/security/2018/dsa-4238","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://www.debian.org/security/2018/dsa-4238"}],"weaknesses":[],"exploits":[],"severity_range_score":"9.8 - 9.8","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7y9-a7eb-23c1"}