Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/151971?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/151971?format=api", "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1:1.7.0.161-2.6.12.0?arch=el7_4", "type": "rpm", "namespace": "redhat", "name": "java-1.7.0-openjdk", "version": "1:1.7.0.161-2.6.12.0", "qualifiers": { "arch": "el7_4" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96646?format=api", "vulnerability_id": "VCID-1yy8-wakm-2bbf", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded, JRockit executes to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10356.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10356.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72416", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72402", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72443", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.7245", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.7243", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:N/A:N" }, { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101413", "reference_id": "101413", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "http://www.securityfocus.com/bid/101413" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169", "reference_id": "1503169", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1503169" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10356" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1yy8-wakm-2bbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96642?format=api", "vulnerability_id": "VCID-5ezs-uny5-yfav", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10348.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10348.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69907", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6988", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6992", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69928", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101354", "reference_id": "101354", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "http://www.securityfocus.com/bid/101354" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629", "reference_id": "1502629", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502629" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:26Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10348" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ezs-uny5-yfav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96634?format=api", "vulnerability_id": "VCID-73an-57th-63dx", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10285.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10285.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64861", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64872", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64883", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64873", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64831", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101319", "reference_id": "101319", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "http://www.securityfocus.com/bid/101319" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868", "reference_id": "1501868", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501868" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_66_OpenJDK", "reference_id": "Synology_SA_17_66_OpenJDK", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:01Z/" } ], "url": "https://www.synology.com/support/security/Synology_SA_17_66_OpenJDK" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10285" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73an-57th-63dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96633?format=api", "vulnerability_id": "VCID-7d52-4e7w-ake3", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10281.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10281.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69907", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6988", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6992", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69928", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101378", "reference_id": "101378", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "http://www.securityfocus.com/bid/101378" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649", "reference_id": "1502649", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502649" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10281" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7d52-4e7w-ake3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96640?format=api", "vulnerability_id": "VCID-7w9d-e32p-hbbe", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10346.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10346.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64861", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64831", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64873", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64883", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64872", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.7", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:C/I:C/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101315", "reference_id": "101315", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "http://www.securityfocus.com/bid/101315" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873", "reference_id": "1501873", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1501873" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_66_OpenJDK", "reference_id": "Synology_SA_17_66_OpenJDK", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:59Z/" } ], "url": "https://www.synology.com/support/security/Synology_SA_17_66_OpenJDK" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10346" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7w9d-e32p-hbbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96636?format=api", "vulnerability_id": "VCID-8fk9-xykz-rqex", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.0 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10295.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10295.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54192", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.5416", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54217", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54226", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00307", "scoring_system": "epss", "scoring_elements": "0.54215", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:P/A:N" }, { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101384", "reference_id": "101384", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "http://www.securityfocus.com/bid/101384" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687", "reference_id": "1502687", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502687" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:45:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10295" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fk9-xykz-rqex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96643?format=api", "vulnerability_id": "VCID-956r-wdqw-tfgn", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAXP). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10349.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69907", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6988", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6992", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69928", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101348", "reference_id": "101348", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "http://www.securityfocus.com/bid/101348" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611", "reference_id": "1502611", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502611" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10349" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-956r-wdqw-tfgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96629?format=api", "vulnerability_id": "VCID-bf5n-sj46-eqd4", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10193.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10193.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10193", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50118", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50084", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50112", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50127", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.50057", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10193" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10078", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10078" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10087", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10087" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10089", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10089" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10090", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10090" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10102", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10102" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10108", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10108" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10109", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10109" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10193", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10193" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10198", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10198" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:N/A:N" }, { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1038931", "reference_id": "1038931", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "http://www.securitytracker.com/id/1038931" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471715", "reference_id": "1471715", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1471715" }, { "reference_url": "http://www.securityfocus.com/bid/99854", "reference_id": "99854", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "http://www.securityfocus.com/bid/99854" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3919", "reference_id": "dsa-3919", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3919" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3954", "reference_id": "dsa-3954", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3954" }, { "reference_url": "https://security.gentoo.org/glsa/201709-22", "reference_id": "GLSA-201709-22", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "https://security.gentoo.org/glsa/201709-22" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20170720-0001/", "reference_id": "ntap-20170720-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20170720-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1789", "reference_id": "RHSA-2017:1789", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1790", "reference_id": "RHSA-2017:1790", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1791", "reference_id": "RHSA-2017:1791", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1792", "reference_id": "RHSA-2017:1792", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:40Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://usn.ubuntu.com/3366-1/", "reference_id": "USN-3366-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3366-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10193" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bf5n-sj46-eqd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96641?format=api", "vulnerability_id": "VCID-gerb-jsa1-47ch", "summary": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10347.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10347.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69907", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6988", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6992", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69928", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101382", "reference_id": "101382", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "http://www.securityfocus.com/bid/101382" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632", "reference_id": "1502632", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502632" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:27Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10347" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gerb-jsa1-47ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96630?format=api", "vulnerability_id": "VCID-gsup-q256-7fbw", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131; JRockit: R28.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. While the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10198.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10198.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10198", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40883", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40863", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.4094", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40944", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40913", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10198" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10078", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10078" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10087", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10087" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10089", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10089" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10090", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10090" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10102", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10102" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10108", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10108" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10109", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10109" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10118", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10118" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10193", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10193" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10198", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10198" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:N/A:N" }, { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securitytracker.com/id/1038931", "reference_id": "1038931", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "http://www.securitytracker.com/id/1038931" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472320", "reference_id": "1472320", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1472320" }, { "reference_url": "http://www.securityfocus.com/bid/99818", "reference_id": "99818", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "http://www.securityfocus.com/bid/99818" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3919", "reference_id": "dsa-3919", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3919" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3954", "reference_id": "dsa-3954", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "http://www.debian.org/security/2017/dsa-3954" }, { "reference_url": "https://security.gentoo.org/glsa/201709-22", "reference_id": "GLSA-201709-22", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "https://security.gentoo.org/glsa/201709-22" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20170720-0001/", "reference_id": "ntap-20170720-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20170720-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1789", "reference_id": "RHSA-2017:1789", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1789" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1790", "reference_id": "RHSA-2017:1790", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1790" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1791", "reference_id": "RHSA-2017:1791", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1791" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1792", "reference_id": "RHSA-2017:1792", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:1792" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://usn.ubuntu.com/3366-1/", "reference_id": "USN-3366-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3366-1/" }, { "reference_url": "https://cert.vde.com/en-us/advisories/vde-2017-002", "reference_id": "vde-2017-002", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:50:37Z/" } ], "url": "https://cert.vde.com/en-us/advisories/vde-2017-002" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10198" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gsup-q256-7fbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96644?format=api", "vulnerability_id": "VCID-h1sf-pmwh-rudp", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JAX-WS). Supported versions that are affected are Java SE: 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10350.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10350.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69907", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6988", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6992", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69928", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101341", "reference_id": "101341", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "http://www.securityfocus.com/bid/101341" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640", "reference_id": "1502640", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502640" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10350" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h1sf-pmwh-rudp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96645?format=api", "vulnerability_id": "VCID-nhmd-bdfc-t3h2", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10355.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10355.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06365", "scoring_system": "epss", "scoring_elements": "0.91169", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.06365", "scoring_system": "epss", "scoring_elements": "0.91164", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.06365", "scoring_system": "epss", "scoring_elements": "0.91176", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.06365", "scoring_system": "epss", "scoring_elements": "0.91173", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101369", "reference_id": "101369", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "http://www.securityfocus.com/bid/101369" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869", "reference_id": "1502869", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502869" }, { "reference_url": "https://blogs.securiteam.com/index.php/archives/3271", "reference_id": "CVE-2017-10355", "reference_type": "exploit", "scores": [], "url": "https://blogs.securiteam.com/index.php/archives/3271" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/44057.md", "reference_id": "CVE-2017-10355", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/44057.md" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:22Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10355" ], "risk_score": 9.6, "exploitability": "2.0", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhmd-bdfc-t3h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96647?format=api", "vulnerability_id": "VCID-q4r7-tkps-7bgf", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10357.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10357.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69907", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6988", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.6992", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69928", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00602", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101355", "reference_id": "101355", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "http://www.securityfocus.com/bid/101355" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614", "reference_id": "1502614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502614" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:35:21Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10357" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q4r7-tkps-7bgf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96639?format=api", "vulnerability_id": "VCID-q68e-jrne-rkdn", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144; JRockit: R28.3.15. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10345.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10345.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70574", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70552", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70594", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70603", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00624", "scoring_system": "epss", "scoring_elements": "0.70586", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.6", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:P" }, { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101396", "reference_id": "101396", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "http://www.securityfocus.com/bid/101396" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858", "reference_id": "1502858", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502858" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T15:43:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10345" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q68e-jrne-rkdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96648?format=api", "vulnerability_id": "VCID-xgeh-g2bz-bqhj", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: Applies to the Java SE Kerberos client. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10388.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10388.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.698", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69811", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.6982", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69812", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00597", "scoring_system": "epss", "scoring_elements": "0.69773", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10388" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:C/I:C/A:N" }, { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101321", "reference_id": "101321", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "http://www.securityfocus.com/bid/101321" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038", "reference_id": "1502038", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502038" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3264", "reference_id": "RHSA-2017:3264", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3264" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3267", "reference_id": "RHSA-2017:3267", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3268", "reference_id": "RHSA-2017:3268", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3268" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3453", "reference_id": "RHSA-2017:3453", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3453" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_66_OpenJDK", "reference_id": "Synology_SA_17_66_OpenJDK", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:38:56Z/" } ], "url": "https://www.synology.com/support/security/Synology_SA_17_66_OpenJDK" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10388" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgeh-g2bz-bqhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96632?format=api", "vulnerability_id": "VCID-ybvw-8hr6-33bu", "summary": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Smart Card IO). Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data as well as unauthorized access to critical data or complete access to all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10274.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10274.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71639", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71651", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71665", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71689", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00667", "scoring_system": "epss", "scoring_elements": "0.71683", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10355" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10356" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10388" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:H/Au:N/C:C/I:C/A:N" }, { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/101333", "reference_id": "101333", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "http://www.securityfocus.com/bid/101333" }, { "reference_url": "http://www.securitytracker.com/id/1039596", "reference_id": "1039596", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "http://www.securitytracker.com/id/1039596" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053", "reference_id": "1502053", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1502053" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4015", "reference_id": "dsa-4015", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4015" }, { "reference_url": "https://www.debian.org/security/2017/dsa-4048", "reference_id": "dsa-4048", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://www.debian.org/security/2017/dsa-4048" }, { "reference_url": "https://security.gentoo.org/glsa/201710-31", "reference_id": "GLSA-201710-31", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://security.gentoo.org/glsa/201710-31" }, { "reference_url": "https://security.gentoo.org/glsa/201711-14", "reference_id": "GLSA-201711-14", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://security.gentoo.org/glsa/201711-14" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html", "reference_id": "msg00033.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00033.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20171019-0001/", "reference_id": "ntap-20171019-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20171019-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2998", "reference_id": "RHSA-2017:2998", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2999", "reference_id": "RHSA-2017:2999", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:2999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3046", "reference_id": "RHSA-2017:3046", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3047", "reference_id": "RHSA-2017:3047", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3047" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3392", "reference_id": "RHSA-2017:3392", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2017:3392" }, { "reference_url": "https://www.synology.com/support/security/Synology_SA_17_66_OpenJDK", "reference_id": "Synology_SA_17_66_OpenJDK", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T15:39:02Z/" } ], "url": "https://www.synology.com/support/security/Synology_SA_17_66_OpenJDK" }, { "reference_url": "https://usn.ubuntu.com/3473-1/", "reference_id": "USN-3473-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3473-1/" }, { "reference_url": "https://usn.ubuntu.com/3497-1/", "reference_id": "USN-3497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3497-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2017-10274" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ybvw-8hr6-33bu" } ], "fixing_vulnerabilities": [], "risk_score": "9.6", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.0-openjdk@1:1.7.0.161-2.6.12.0%3Farch=el7_4" }