{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76360?format=json","vulnerability_id":"VCID-kn4p-ttw7-fbh4","summary":"An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.","aliases":[{"alias":"CVE-2018-11213"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/102350?format=json","purl":"pkg:deb/debian/libjpeg9@1:9c-1?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg9@1:9c-1%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/102346?format=json","purl":"pkg:deb/debian/libjpeg9@1:9f-2?distro=sid","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg9@1:9f-2%3Fdistro=sid"},{"url":"http://public2.vulnerablecode.io/api/packages/102319?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:1.4.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:1.4.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/5999?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:1.5.1-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-67vg-8z1v-zuf9"},{"vulnerability":"VCID-azrp-h98s-9bbd"},{"vulnerability":"VCID-mprx-u9vn-97cz"},{"vulnerability":"VCID-n1my-119m-t7bv"},{"vulnerability":"VCID-pfv2-zf8y-yqbb"},{"vulnerability":"VCID-rms6-9xf7-7uch"},{"vulnerability":"VCID-u5xq-bjn4-7ye1"},{"vulnerability":"VCID-wa2f-7d94-yud3"},{"vulnerability":"VCID-wrph-jqrb-4qef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:1.5.1-2"},{"url":"http://public2.vulnerablecode.io/api/packages/102310?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.0.6-4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-yckb-ne2z-8bea"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.0.6-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102308?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.1.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.1.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102313?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:2.1.5-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:2.1.5-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/102312?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:3.1.3-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:3.1.3-4%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5998?format=json","purl":"pkg:deb/debian/libjpeg-turbo@1:1.3.1-12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-67vg-8z1v-zuf9"},{"vulnerability":"VCID-ajz3-daf4-nbay"},{"vulnerability":"VCID-azrp-h98s-9bbd"},{"vulnerability":"VCID-dguz-ebv3-1qas"},{"vulnerability":"VCID-kn4p-ttw7-fbh4"},{"vulnerability":"VCID-mprx-u9vn-97cz"},{"vulnerability":"VCID-n1my-119m-t7bv"},{"vulnerability":"VCID-pfv2-zf8y-yqbb"},{"vulnerability":"VCID-rms6-9xf7-7uch"},{"vulnerability":"VCID-u5xq-bjn4-7ye1"},{"vulnerability":"VCID-wa2f-7d94-yud3"},{"vulnerability":"VCID-wrph-jqrb-4qef"},{"vulnerability":"VCID-xekx-aq25-abgz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libjpeg-turbo@1:1.3.1-12"},{"url":"http://public2.vulnerablecode.io/api/packages/147757?format=json","purl":"pkg:rpm/redhat/libjpeg-turbo@1.2.90-8?arch=el7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-67vg-8z1v-zuf9"},{"vulnerability":"VCID-ajz3-daf4-nbay"},{"vulnerability":"VCID-dguz-ebv3-1qas"},{"vulnerability":"VCID-kn4p-ttw7-fbh4"},{"vulnerability":"VCID-n1my-119m-t7bv"},{"vulnerability":"VCID-xekx-aq25-abgz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libjpeg-turbo@1.2.90-8%3Farch=el7"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11213.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-11213.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11213","reference_id":"","reference_type":"","scores":[{"value":"0.01054","scoring_system":"epss","scoring_elements":"0.77917","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01054","scoring_system":"epss","scoring_elements":"0.77945","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01054","scoring_system":"epss","scoring_elements":"0.77951","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01054","scoring_system":"epss","scoring_elements":"0.77942","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01054","scoring_system":"epss","scoring_elements":"0.77931","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01054","scoring_system":"epss","scoring_elements":"0.77949","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11213"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11213","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11213"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579979","reference_id":"1579979","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1579979"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902176","reference_id":"902176","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2052","reference_id":"RHSA-2019:2052","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2052"},{"reference_url":"https://usn.ubuntu.com/3706-1/","reference_id":"USN-3706-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3706-1/"},{"reference_url":"https://usn.ubuntu.com/3706-2/","reference_id":"USN-3706-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3706-2/"},{"reference_url":"https://usn.ubuntu.com/5497-1/","reference_id":"USN-5497-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5497-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5336-1/","reference_id":"USN-USN-5336-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5336-1/"},{"reference_url":"https://usn.ubuntu.com/USN-5497-2/","reference_id":"USN-USN-5497-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5497-2/"}],"weaknesses":[{"cwe_id":125,"name":"Out-of-bounds Read","description":"The product reads data past the end, or before the beginning, of the intended buffer."}],"exploits":[],"severity_range_score":"5.3 - 5.3","exploitability":"0.5","weighted_severity":"4.8","risk_score":2.4,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kn4p-ttw7-fbh4"}