{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65835?format=json","vulnerability_id":"VCID-rj5c-pc4n-nbdp","summary":"Exiv2: Exiv2: Denial of service via out-of-bounds read in CRW image parser","aliases":[{"alias":"CVE-2026-25884"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/195903?format=json","purl":"pkg:deb/debian/exiv2@0.28.8%2Bdfsg-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.28.8%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/93830?format=json","purl":"pkg:deb/debian/exiv2@0.28.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.28.8%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/191561?format=json","purl":"pkg:ebuild/media-gfx/exiv2@0.28.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/media-gfx/exiv2@0.28.8"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/6197?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-rj5c-pc4n-nbdp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2"},{"url":"http://public2.vulnerablecode.io/api/packages/93829?format=json","purl":"pkg:deb/debian/exiv2@0.27.3-3%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7mk5-kjpw-g7gs"},{"vulnerability":"VCID-9f5s-42d2-dkfh"},{"vulnerability":"VCID-an21-gwsh-27d3"},{"vulnerability":"VCID-gy1q-vkwb-eqcv"},{"vulnerability":"VCID-hexv-f1ap-cqea"},{"vulnerability":"VCID-pn59-u7sf-uqdd"},{"vulnerability":"VCID-rj5c-pc4n-nbdp"},{"vulnerability":"VCID-t3as-qbf3-u3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.3-3%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/195901?format=json","purl":"pkg:deb/debian/exiv2@0.27.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-rj5c-pc4n-nbdp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.6-1"},{"url":"http://public2.vulnerablecode.io/api/packages/93827?format=json","purl":"pkg:deb/debian/exiv2@0.27.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7mk5-kjpw-g7gs"},{"vulnerability":"VCID-9f5s-42d2-dkfh"},{"vulnerability":"VCID-gy1q-vkwb-eqcv"},{"vulnerability":"VCID-hexv-f1ap-cqea"},{"vulnerability":"VCID-pn59-u7sf-uqdd"},{"vulnerability":"VCID-rj5c-pc4n-nbdp"},{"vulnerability":"VCID-t3as-qbf3-u3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.27.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/195902?format=json","purl":"pkg:deb/debian/exiv2@0.28.5%2Bdfsg-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-rj5c-pc4n-nbdp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.28.5%252Bdfsg-1"},{"url":"http://public2.vulnerablecode.io/api/packages/93831?format=json","purl":"pkg:deb/debian/exiv2@0.28.5%2Bdfsg-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-7mk5-kjpw-g7gs"},{"vulnerability":"VCID-9f5s-42d2-dkfh"},{"vulnerability":"VCID-hexv-f1ap-cqea"},{"vulnerability":"VCID-rj5c-pc4n-nbdp"},{"vulnerability":"VCID-t3as-qbf3-u3f1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exiv2@0.28.5%252Bdfsg-1%3Fdistro=trixie"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25884.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25884.json"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2443992","reference_id":"2443992","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2443992"},{"reference_url":"https://security.gentoo.org/glsa/202603-01","reference_id":"GLSA-202603-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202603-01"}],"weaknesses":[],"exploits":[],"severity_range_score":"5.3 - 5.3","exploitability":"0.5","weighted_severity":"4.8","risk_score":2.4,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rj5c-pc4n-nbdp"}