Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libextractor@1:1.6-1?distro=trixie

Type deb

Namespace debian

Name libextractor

Version 1:1.6-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:1.6-2

Latest_non_vulnerable_version 1:1.13-10

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-3bg1-rwze-kuhw

vulnerability_id VCID-3bg1-rwze-kuhw

summary In GNU Libextractor 1.4, there is a heap-based buffer overflow in the EXTRACTOR_png_extract_method function in plugins/png_extractor.c, related to processiTXt and stndup.

references

reference_url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html
reference_id
reference_type
scores
url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00006.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15601

reference_id

reference_type

scores

value	0.00432
scoring_system	epss
scoring_elements	0.62736
published_at	2026-04-24T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62724
published_at	2026-04-21T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62587
published_at	2026-04-01T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62645
published_at	2026-04-02T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62677
published_at	2026-04-04T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62642
published_at	2026-04-07T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62694
published_at	2026-04-08T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.6271
published_at	2026-04-09T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62729
published_at	2026-04-11T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62718
published_at	2026-04-12T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62695
published_at	2026-04-13T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62734
published_at	2026-04-16T12:55:00Z

value	0.00432
scoring_system	epss
scoring_elements	0.62742
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15601

reference_url	https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz
reference_id
reference_type
scores
url	https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_id	cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15601

reference_id

CVE-2017-15601

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15601

reference_url	https://usn.ubuntu.com/4641-1/
reference_id	USN-4641-1
reference_type
scores
url	https://usn.ubuntu.com/4641-1/

fixed_packages

url	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.6-1%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-2%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-7%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-8%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-10%3Fdistro=trixie

aliases CVE-2017-15601

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3bg1-rwze-kuhw

url VCID-5ymr-xk84-8uh3

vulnerability_id VCID-5ymr-xk84-8uh3

summary In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTOR_nsfe_extract_method function in plugins/nsfe_extractor.c, leading to an infinite loop for a crafted size.

references

reference_url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html
reference_id
reference_type
scores
url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00005.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15602

reference_id

reference_type

scores

value	0.00408
scoring_system	epss
scoring_elements	0.61211
published_at	2026-04-24T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61222
published_at	2026-04-21T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61073
published_at	2026-04-01T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61151
published_at	2026-04-02T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61179
published_at	2026-04-04T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61144
published_at	2026-04-07T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61192
published_at	2026-04-08T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61207
published_at	2026-04-09T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61227
published_at	2026-04-11T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61214
published_at	2026-04-12T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61195
published_at	2026-04-13T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61235
published_at	2026-04-16T12:55:00Z

value	0.00408
scoring_system	epss
scoring_elements	0.61241
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15602

reference_url	https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz
reference_id
reference_type
scores
url	https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_id	cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15602

reference_id

CVE-2017-15602

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15602

reference_url	https://usn.ubuntu.com/4641-1/
reference_id	USN-4641-1
reference_type
scores
url	https://usn.ubuntu.com/4641-1/

fixed_packages

url	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.6-1%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-2%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-7%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-8%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-10%3Fdistro=trixie

aliases CVE-2017-15602

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ymr-xk84-8uh3

url VCID-x3k6-yrp9-9ud9

vulnerability_id VCID-x3k6-yrp9-9ud9

summary In GNU Libextractor 1.4, there is a NULL Pointer Dereference in flac_metadata in flac_extractor.c.

references

reference_url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html
reference_id
reference_type
scores
url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00003.html

reference_url	http://openwall.com/lists/oss-security/2017/10/11/1
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2017/10/11/1

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15267

reference_id

reference_type

scores

value	0.0066
scoring_system	epss
scoring_elements	0.71185
published_at	2026-04-24T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71127
published_at	2026-04-21T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71047
published_at	2026-04-01T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71056
published_at	2026-04-02T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71074
published_at	2026-04-04T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71048
published_at	2026-04-07T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71091
published_at	2026-04-08T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71103
published_at	2026-04-09T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71126
published_at	2026-04-11T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71112
published_at	2026-04-12T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71095
published_at	2026-04-13T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71141
published_at	2026-04-16T12:55:00Z

value	0.0066
scoring_system	epss
scoring_elements	0.71149
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15267

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499600
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499600

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15267
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15267

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html

reference_url	http://www.securityfocus.com/bid/101272
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101272

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878314
reference_id	878314
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878314

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_id	cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15267

reference_id

CVE-2017-15267

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15267

reference_url	https://usn.ubuntu.com/4641-1/
reference_id	USN-4641-1
reference_type
scores
url	https://usn.ubuntu.com/4641-1/

fixed_packages

url	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.6-1%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-2%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-7%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-8%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-10%3Fdistro=trixie

aliases CVE-2017-15267

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x3k6-yrp9-9ud9

url VCID-xyab-d3gr-zkdw

vulnerability_id VCID-xyab-d3gr-zkdw

summary In GNU Libextractor 1.4, there is a Divide-By-Zero in EXTRACTOR_wav_extract_method in wav_extractor.c via a zero sample rate.

references

reference_url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html
reference_id
reference_type
scores
url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00002.html

reference_url	http://openwall.com/lists/oss-security/2017/10/11/1
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2017/10/11/1

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15266

reference_id

reference_type

scores

value	0.00363
scoring_system	epss
scoring_elements	0.58399
published_at	2026-04-24T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58438
published_at	2026-04-21T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58308
published_at	2026-04-01T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58393
published_at	2026-04-02T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58413
published_at	2026-04-04T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58387
published_at	2026-04-07T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.5844
published_at	2026-04-08T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58446
published_at	2026-04-09T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58463
published_at	2026-04-11T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58443
published_at	2026-04-12T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58424
published_at	2026-04-13T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58456
published_at	2026-04-16T12:55:00Z

value	0.00363
scoring_system	epss
scoring_elements	0.58461
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15266

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499599
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499599

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15266
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15266

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html

reference_url	http://www.securityfocus.com/bid/101271
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101271

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878314
reference_id	878314
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=878314

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_id	cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15266

reference_id

CVE-2017-15266

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15266

reference_url	https://usn.ubuntu.com/4641-1/
reference_id	USN-4641-1
reference_type
scores
url	https://usn.ubuntu.com/4641-1/

fixed_packages

url	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.6-1%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-2%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-7%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-8%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-10%3Fdistro=trixie

aliases CVE-2017-15266

risk_score 2.5

exploitability 0.5

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xyab-d3gr-zkdw

url VCID-zd6d-q8xx-zud6

vulnerability_id VCID-zd6d-q8xx-zud6

summary In GNU Libextractor 1.4, there is a NULL Pointer Dereference in the EXTRACTOR_nsf_extract_method function of plugins/nsf_extractor.c.

references

reference_url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html
reference_id
reference_type
scores
url	http://lists.gnu.org/archive/html/bug-libextractor/2017-10/msg00004.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-15600

reference_id

reference_type

scores

value	0.01659
scoring_system	epss
scoring_elements	0.82117
published_at	2026-04-24T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82095
published_at	2026-04-21T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.81993
published_at	2026-04-01T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82005
published_at	2026-04-02T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82027
published_at	2026-04-04T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82022
published_at	2026-04-07T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82049
published_at	2026-04-08T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82056
published_at	2026-04-09T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82076
published_at	2026-04-11T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82066
published_at	2026-04-12T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82058
published_at	2026-04-13T12:55:00Z

value	0.01659
scoring_system	epss
scoring_elements	0.82093
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-15600

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1501695
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1501695

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15600
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15600

reference_url	https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz
reference_id
reference_type
scores
url	https://ftp.gnu.org/gnu/libextractor/libextractor-1.6.tar.gz

reference_url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/12/msg00000.html

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_id	cpe:2.3:a:gnu:libextractor:1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:libextractor:1.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-15600

reference_id

CVE-2017-15600

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-15600

reference_url	https://usn.ubuntu.com/4641-1/
reference_id	USN-4641-1
reference_type
scores
url	https://usn.ubuntu.com/4641-1/

fixed_packages

url	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.6-1%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-2%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.11-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.11-7%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-8%3Fdistro=trixie

url	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
purl	pkg:deb/debian/libextractor@1:1.13-10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.13-10%3Fdistro=trixie

aliases CVE-2017-15600

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zd6d-q8xx-zud6

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libextractor@1:1.6-1%3Fdistro=trixie

Package Instance