Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/373123?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/373123?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p8-1", "type": "alpm", "namespace": "archlinux", "name": "ntp", "version": "4.2.8.p8-1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.2.8.p9-1", "latest_non_vulnerable_version": "4.2.8.p14-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84750?format=api", "vulnerability_id": "VCID-1dne-8jh8-xbhw", "summary": "ntp: Broken initial sync calculations regression", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7433.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7433.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7433", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91308", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91393", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91359", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91384", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91382", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91312", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91323", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.9133", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91342", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91349", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06848", "scoring_system": "epss", "scoring_elements": "0.91356", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7433" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7433" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397347", "reference_id": "1397347", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397347" }, { "reference_url": "https://security.archlinux.org/ASA-201611-28", "reference_id": "ASA-201611-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-28" }, { "reference_url": "https://security.archlinux.org/AVG-79", "reference_id": "AVG-79", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-79" }, { "reference_url": "https://security.archlinux.org/AVG-80", "reference_id": "AVG-80", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-80" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0252", "reference_id": "RHSA-2017:0252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0252" }, { "reference_url": "https://usn.ubuntu.com/3349-1/", "reference_id": "USN-3349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3349-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-7433" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1dne-8jh8-xbhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84749?format=api", "vulnerability_id": "VCID-51cg-3jb8-p3cd", "summary": "ntp: Client rate limiting and server responses", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7426.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7426.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.9364", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.9371", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.93696", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.93702", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.93705", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.93651", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.9366", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.93662", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.93671", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.93673", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.93677", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.11683", "scoring_system": "epss", "scoring_elements": "0.93678", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7426" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397345", "reference_id": "1397345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397345" }, { "reference_url": "https://security.archlinux.org/ASA-201611-28", "reference_id": "ASA-201611-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-28" }, { "reference_url": "https://security.archlinux.org/AVG-79", "reference_id": "AVG-79", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-79" }, { "reference_url": "https://security.archlinux.org/AVG-80", "reference_id": "AVG-80", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-80" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0252", "reference_id": "RHSA-2017:0252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0252" }, { "reference_url": "https://usn.ubuntu.com/3349-1/", "reference_id": "USN-3349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3349-1/" }, { "reference_url": "https://usn.ubuntu.com/3707-2/", "reference_id": "USN-3707-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3707-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-7426" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-51cg-3jb8-p3cd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84752?format=api", "vulnerability_id": "VCID-6k8f-w8pj-dqex", "summary": "ntp: DoS by oversized UDP packet", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9312.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9312.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9312", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95383", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95434", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95427", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95431", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95392", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95398", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95402", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95409", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95412", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95417", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.19624", "scoring_system": "epss", "scoring_elements": "0.95419", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410014", "reference_id": "1410014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1410014" }, { "reference_url": "https://security.archlinux.org/AVG-81", "reference_id": "AVG-81", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-81" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-9312" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6k8f-w8pj-dqex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84745?format=api", "vulnerability_id": "VCID-8g74-qxd6-jfcz", "summary": "ntp: Broadcast Mode Replay Prevention DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7427.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7427.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7427", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.8998", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90055", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90023", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90039", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90037", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.89982", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.89995", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.9", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90016", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90022", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90031", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90029", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7427" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7427", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7427" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397329", "reference_id": "1397329", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397329" }, { "reference_url": "https://security.archlinux.org/ASA-201611-28", "reference_id": "ASA-201611-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-28" }, { "reference_url": "https://security.archlinux.org/AVG-79", "reference_id": "AVG-79", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-79" }, { "reference_url": "https://security.archlinux.org/AVG-80", "reference_id": "AVG-80", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-80" }, { "reference_url": "https://usn.ubuntu.com/3349-1/", "reference_id": "USN-3349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3349-1/" }, { "reference_url": "https://usn.ubuntu.com/3707-2/", "reference_id": "USN-3707-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3707-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-7427" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8g74-qxd6-jfcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84746?format=api", "vulnerability_id": "VCID-94qw-ahj9-r3as", "summary": "ntp: Zero Origin timestamp regression", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7431.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7431.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7431", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95228", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.9528", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95266", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95274", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95277", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.9524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95243", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95247", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95254", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95257", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95262", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.18621", "scoring_system": "epss", "scoring_elements": "0.95263", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7431" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7431", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7431" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397331", "reference_id": "1397331", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397331" }, { "reference_url": "https://security.archlinux.org/ASA-201611-28", "reference_id": "ASA-201611-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-28" }, { "reference_url": "https://security.archlinux.org/AVG-79", "reference_id": "AVG-79", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-79" }, { "reference_url": "https://security.archlinux.org/AVG-80", "reference_id": "AVG-80", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-80" }, { "reference_url": "https://usn.ubuntu.com/3349-1/", "reference_id": "USN-3349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3349-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-7431" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-94qw-ahj9-r3as" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84743?format=api", "vulnerability_id": "VCID-b3ax-se39-4bbd", "summary": "ntp: Mode 6 unauthenticated trap information disclosure and DDoS vector", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9310.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9310.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9310", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84445", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84566", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84538", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.8454", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.8446", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84479", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84481", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84502", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84508", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84526", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84522", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02227", "scoring_system": "epss", "scoring_elements": "0.84517", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9310" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9310" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397319", "reference_id": "1397319", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397319" }, { "reference_url": "https://security.archlinux.org/ASA-201611-28", "reference_id": "ASA-201611-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-28" }, { "reference_url": "https://security.archlinux.org/AVG-79", "reference_id": "AVG-79", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-79" }, { "reference_url": "https://security.archlinux.org/AVG-80", "reference_id": "AVG-80", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-80" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0252", "reference_id": "RHSA-2017:0252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0252" }, { "reference_url": "https://usn.ubuntu.com/3349-1/", "reference_id": "USN-3349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3349-1/" }, { "reference_url": "https://usn.ubuntu.com/3707-2/", "reference_id": "USN-3707-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3707-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-9310" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b3ax-se39-4bbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84748?format=api", "vulnerability_id": "VCID-h25b-hwuu-m7ck", "summary": "ntp: Attack on interface selection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7429.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7429.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89899", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89969", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89955", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89957", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89952", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89902", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.8992", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89937", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89943", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89951", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89948", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05213", "scoring_system": "epss", "scoring_elements": "0.89942", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7429" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397341", "reference_id": "1397341", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397341" }, { "reference_url": "https://security.archlinux.org/ASA-201611-28", "reference_id": "ASA-201611-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-28" }, { "reference_url": "https://security.archlinux.org/AVG-79", "reference_id": "AVG-79", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-79" }, { "reference_url": "https://security.archlinux.org/AVG-80", "reference_id": "AVG-80", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-80" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0252", "reference_id": "RHSA-2017:0252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0252" }, { "reference_url": "https://usn.ubuntu.com/3349-1/", "reference_id": "USN-3349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3349-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-7429" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h25b-hwuu-m7ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84747?format=api", "vulnerability_id": "VCID-p9b7-s3jc-sbaq", "summary": "ntp: read_mru_list() does inadequate incoming packet checks", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7434.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7434.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.9835", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98371", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98365", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98369", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98367", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98352", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98355", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98363", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.62378", "scoring_system": "epss", "scoring_elements": "0.98366", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7434" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:H/Au:S/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397334", "reference_id": "1397334", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397334" }, { "reference_url": "https://security.archlinux.org/ASA-201611-28", "reference_id": "ASA-201611-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-28" }, { "reference_url": "https://security.archlinux.org/AVG-79", "reference_id": "AVG-79", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-79" }, { "reference_url": "https://security.archlinux.org/AVG-80", "reference_id": "AVG-80", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-80" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40806.py", "reference_id": "CVE-2016-7434", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/40806.py" }, { "reference_url": "https://usn.ubuntu.com/3349-1/", "reference_id": "USN-3349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3349-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-7434" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p9b7-s3jc-sbaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84744?format=api", "vulnerability_id": "VCID-pqur-4fx6-akc6", "summary": "ntp: Broadcast Mode Poll Interval Enforcement DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7428.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7428.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.8998", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90055", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90023", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90039", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90037", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.89982", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.89995", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.9", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90016", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90022", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90031", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05301", "scoring_system": "epss", "scoring_elements": "0.90029", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7428" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397328", "reference_id": "1397328", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397328" }, { "reference_url": "https://security.archlinux.org/ASA-201611-28", "reference_id": "ASA-201611-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-28" }, { "reference_url": "https://security.archlinux.org/AVG-79", "reference_id": "AVG-79", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-79" }, { "reference_url": "https://security.archlinux.org/AVG-80", "reference_id": "AVG-80", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-80" }, { "reference_url": "https://usn.ubuntu.com/3349-1/", "reference_id": "USN-3349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3349-1/" }, { "reference_url": "https://usn.ubuntu.com/3707-2/", "reference_id": "USN-3707-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3707-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-7428" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pqur-4fx6-akc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84751?format=api", "vulnerability_id": "VCID-x36x-83tn-kkf4", "summary": "ntp: Null pointer dereference when trap service is enabled", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9311.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9311.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9311", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89435", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89499", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89473", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89487", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89485", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89438", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89449", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89451", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89467", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89471", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.8948", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04785", "scoring_system": "epss", "scoring_elements": "0.89478", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9311" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1398350", "reference_id": "1398350", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1398350" }, { "reference_url": "https://security.archlinux.org/ASA-201611-28", "reference_id": "ASA-201611-28", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-28" }, { "reference_url": "https://security.archlinux.org/AVG-79", "reference_id": "AVG-79", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-79" }, { "reference_url": "https://security.archlinux.org/AVG-80", "reference_id": "AVG-80", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-80" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0252", "reference_id": "RHSA-2017:0252", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0252" }, { "reference_url": "https://usn.ubuntu.com/3349-1/", "reference_id": "USN-3349-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3349-1/" }, { "reference_url": "https://usn.ubuntu.com/3707-2/", "reference_id": "USN-3707-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3707-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/373124?format=api", "purl": "pkg:alpm/archlinux/ntp@4.2.8.p9-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p9-1" } ], "aliases": [ "CVE-2016-9311" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x36x-83tn-kkf4" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/ntp@4.2.8.p8-1" }