Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/77537?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "type": "ebuild", "namespace": "app-emulation", "name": "qemu", "version": "2.8.0-r1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.8.0-r9", "latest_non_vulnerable_version": "8.0.0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48526?format=api", "vulnerability_id": "VCID-265c-bbfk-skf3", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=c7dfbf322595ded4e70b626bf83158a9f3807c6a", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=c7dfbf322595ded4e70b626bf83158a9f3807c6a" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00045.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00045.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00048.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00048.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.263", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26113", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26172", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26176", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26151", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26341", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26381", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26222", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.2627", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26276", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26231", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5898" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:N/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/07/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/07/3" }, { "reference_url": "http://www.securityfocus.com/bid/96112", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96112" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1419699", "reference_id": "1419699", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1419699" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854729", "reference_id": "854729", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854729" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:ltss:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:ltss:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:ltss:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server_for_sap:12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5898", "reference_id": "CVE-2017-5898", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5898" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:1856", "reference_id": "RHSA-2017:1856", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:1856" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2392", "reference_id": "RHSA-2017:2392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2392" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-5898" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-265c-bbfk-skf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48522?format=api", "vulnerability_id": "VCID-7q7c-4788-j3a5", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5579.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5579.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5579", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33401", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.3354", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33573", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33413", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33456", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.3349", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33494", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33453", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33429", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33465", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.3344", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33409", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5579" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416157", "reference_id": "1416157", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1416157" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853002", "reference_id": "853002", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853002" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2392", "reference_id": "RHSA-2017:2392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2408", "reference_id": "RHSA-2017:2408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2408" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-5579" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7q7c-4788-j3a5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48523?format=api", "vulnerability_id": "VCID-88ef-174t-tbdr", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commitdiff%3Bh=42922105beb14c2fc58185ea022b9f72fb5465e9" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5667.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5667.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44846", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44932", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44937", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44988", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44982", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44929", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44949", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44892", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44943", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44945", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44966", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44934", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5667" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5667", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5667" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/01/30/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/01/30/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/01/31/10", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/01/31/10" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/12/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/12/1" }, { "reference_url": "http://www.securityfocus.com/bid/95885", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95885" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1417559", "reference_id": "1417559", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1417559" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996", "reference_id": "853996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5667", "reference_id": "CVE-2017-5667", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5667" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-5667" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88ef-174t-tbdr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48517?format=api", "vulnerability_id": "VCID-ar73-za25-zkav", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10155.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10155.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10155", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25761", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25832", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25874", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25644", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25716", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25763", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25774", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25734", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25676", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25678", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25662", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25637", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10155" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10155", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10155" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415199", "reference_id": "1415199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415199" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852232", "reference_id": "852232", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852232" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2392", "reference_id": "RHSA-2017:2392", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2408", "reference_id": "RHSA-2017:2408", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2408" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2016-10155" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ar73-za25-zkav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4091?format=api", "vulnerability_id": "VCID-j84y-1e8t-3ygv", "summary": "oob access in cirrus bitblt copy", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0309.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0309.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0328.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0329.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0330.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0331.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0332.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0333.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0334.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0344.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0344.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0350.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0396.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2017-0454.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2615.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2615.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.7704", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77134", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77106", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77101", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77141", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77143", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77046", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77075", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77056", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77088", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77098", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77126", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2615" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2615" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" }, { "reference_url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html" }, { "reference_url": "https://support.citrix.com/article/CTX220771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://support.citrix.com/article/CTX220771" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/01/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/01/6" }, { "reference_url": "http://www.securityfocus.com/bid/95990", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95990" }, { "reference_url": "http://www.securitytracker.com/id/1037804", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id/1037804" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418200", "reference_id": "1418200", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418200" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854731", "reference_id": "854731", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854731" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.2.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.5:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:citrix:xenserver:6.5:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:6.5:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:citrix:xenserver:7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:xen:xen:4.7.1:r1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r2:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:xen:xen:4.7.1:r2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r3:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:xen:xen:4.7.1:r3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r4:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:xen:xen:4.7.1:r4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:xen:xen:4.7.1:r4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2615", "reference_id": "CVE-2017-2615", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:C/I:C/A:C" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-2615" }, { "reference_url": "https://security.gentoo.org/glsa/201702-27", "reference_id": "GLSA-201702-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-27" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0309", "reference_id": "RHSA-2017:0309", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0328", "reference_id": "RHSA-2017:0328", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0328" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0329", "reference_id": "RHSA-2017:0329", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0330", "reference_id": "RHSA-2017:0330", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0330" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0331", "reference_id": "RHSA-2017:0331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0331" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0332", "reference_id": "RHSA-2017:0332", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0332" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0333", "reference_id": "RHSA-2017:0333", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0334", "reference_id": "RHSA-2017:0334", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0334" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0344", "reference_id": "RHSA-2017:0344", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0350", "reference_id": "RHSA-2017:0350", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0396", "reference_id": "RHSA-2017:0396", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0396" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0454", "reference_id": "RHSA-2017:0454", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:0454" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" }, { "reference_url": "https://xenbits.xen.org/xsa/advisory-208.html", "reference_id": "XSA-208", "reference_type": "", "scores": [], "url": "https://xenbits.xen.org/xsa/advisory-208.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-2615", "XSA-208" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j84y-1e8t-3ygv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48521?format=api", "vulnerability_id": "VCID-kvww-v5vg-qbdt", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5578.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5578.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5578", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41884", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41948", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41976", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41902", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41952", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41963", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41987", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41949", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41935", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41985", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41957", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41886", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5578" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415795", "reference_id": "1415795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415795" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" }, { "reference_url": "https://usn.ubuntu.com/3268-1/", "reference_id": "USN-3268-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3268-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-5578" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kvww-v5vg-qbdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48520?format=api", "vulnerability_id": "VCID-mgn9-kzp9-wke5", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5552.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5552.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5552", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41884", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41948", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41976", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41902", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41952", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41963", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41987", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41949", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41935", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41985", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41957", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41886", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5552" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5552", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5552" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415281", "reference_id": "1415281", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1415281" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852119", "reference_id": "852119", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852119" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" }, { "reference_url": "https://usn.ubuntu.com/3268-1/", "reference_id": "USN-3268-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3268-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-5552" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgn9-kzp9-wke5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48528?format=api", "vulnerability_id": "VCID-qtkd-pv6z-pkdf", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=a08aaff811fb194950f79711d2afe5a892ae03a4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=a08aaff811fb194950f79711d2afe5a892ae03a4" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5931.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5931.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5931", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.4468", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44816", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44809", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.4476", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44781", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.4472", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44775", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44792", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44761", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44763", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5931" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5931", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5931" }, { "reference_url": "https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01368.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.nongnu.org/archive/html/qemu-devel/2017-01/msg01368.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/08/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/08/2" }, { "reference_url": "http://www.securityfocus.com/bid/96141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96141" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420092", "reference_id": "1420092", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1420092" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854730", "reference_id": "854730", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=854730" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5931", "reference_id": "CVE-2017-5931", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:C/I:C/A:C" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5931" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-5931" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtkd-pv6z-pkdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48524?format=api", "vulnerability_id": "VCID-ssft-w1t3-9kc9", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=765a707000e838c30b18d712fe6cb3dd8e0435f3" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5856.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5856.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5856", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34282", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34511", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34525", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34564", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34549", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34647", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34516", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34558", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34587", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34589", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.3455", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5856" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5856", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5856" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/01/19", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/01/19" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/02/14", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/02/14" }, { "reference_url": "http://www.securityfocus.com/bid/95999", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95999" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418342", "reference_id": "1418342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418342" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996", "reference_id": "853996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5856", "reference_id": "CVE-2017-5856", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5856" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-5856" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ssft-w1t3-9kc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48525?format=api", "vulnerability_id": "VCID-wqwh-zgp4-ske3", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=5e8e3c4c75c199aa1017db816fca02be2a9f8798", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.qemu-project.org/?p=qemu.git%3Ba=commit%3Bh=5e8e3c4c75c199aa1017db816fca02be2a9f8798" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5857.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5857.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5857", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34282", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34511", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34525", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34564", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34549", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34647", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34516", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34558", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34587", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34589", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.3455", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5857" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5857", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5857" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/01/21", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/01/21" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/02/02/16", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/02/02/16" }, { "reference_url": "http://www.securityfocus.com/bid/95993", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/95993" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418382", "reference_id": "1418382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418382" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996", "reference_id": "853996", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853996" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:qemu:qemu:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5857", "reference_id": "CVE-2017-5857", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5857" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-5857" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wqwh-zgp4-ske3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48519?format=api", "vulnerability_id": "VCID-x6ex-t3v5-87h9", "summary": "Multiple vulnerabilities have been found in QEMU, the worst of\n which could lead to the execution of arbitrary code on the host system.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5525.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5525.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5525", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34282", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34647", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34516", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34558", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34587", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34589", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.3455", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34525", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34564", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34549", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34511", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-5525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5525" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv2", "scoring_elements": "AV:A/AC:M/Au:S/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414108", "reference_id": "1414108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414108" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852021", "reference_id": "852021", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852021" }, { "reference_url": "https://security.gentoo.org/glsa/201702-28", "reference_id": "GLSA-201702-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201702-28" }, { "reference_url": "https://usn.ubuntu.com/3261-1/", "reference_id": "USN-3261-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3261-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/77537?format=api", "purl": "pkg:ebuild/app-emulation/qemu@2.8.0-r1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" } ], "aliases": [ "CVE-2017-5525" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x6ex-t3v5-87h9" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/qemu@2.8.0-r1" }