Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie

Type deb

Namespace debian

Name libvorbis

Version 1.3.7-3

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-12w2-ffkf-7bfv

vulnerability_id VCID-12w2-ffkf-7bfv

summary vorbis: insufficient validation of Huffman tree causing memory corruption in _make_decode_tree()

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2009.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2009.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2009

reference_id

reference_type

scores

value	0.0434
scoring_system	epss
scoring_elements	0.88877
published_at	2026-04-01T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88885
published_at	2026-04-02T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.889
published_at	2026-04-04T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88903
published_at	2026-04-07T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88921
published_at	2026-04-08T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88927
published_at	2026-04-09T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88938
published_at	2026-04-11T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88933
published_at	2026-04-12T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88932
published_at	2026-04-13T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88946
published_at	2026-04-16T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88944
published_at	2026-04-18T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.8894
published_at	2026-04-21T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88957
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2009

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=444443
reference_id	444443
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=444443

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482039
reference_id	482039
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482039

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://access.redhat.com/errata/RHSA-2008:0271
reference_id	RHSA-2008:0271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0271

reference_url	https://usn.ubuntu.com/861-1/
reference_id	USN-861-1
reference_type
scores
url	https://usn.ubuntu.com/861-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.0.dfsg-4?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.0.dfsg-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-4%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2008-2009

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-12w2-ffkf-7bfv

url VCID-45n4-j354-v3c4

vulnerability_id VCID-45n4-j354-v3c4

summary

Multiple vulnerabilities have been found in libvorbis, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10392.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10392.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10392

reference_id

reference_type

scores

value	0.01423
scoring_system	epss
scoring_elements	0.8055
published_at	2026-04-01T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80665
published_at	2026-04-24T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80634
published_at	2026-04-16T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80637
published_at	2026-04-18T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80641
published_at	2026-04-21T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80557
published_at	2026-04-02T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80579
published_at	2026-04-04T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80572
published_at	2026-04-07T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.806
published_at	2026-04-08T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80609
published_at	2026-04-09T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80627
published_at	2026-04-11T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80614
published_at	2026-04-12T12:55:00Z

value	0.01423
scoring_system	epss
scoring_elements	0.80605
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10392

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10392
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10392

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.xiph.org/xiph/vorbis/issues/2335
reference_id
reference_type
scores
url	https://gitlab.xiph.org/xiph/vorbis/issues/2335

reference_url	https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html

reference_url	https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1574193
reference_id	1574193
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1574193

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876780
reference_id	876780
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.6:::::::*
reference_id	cpe:2.3:a:xiph.org:libvorbis:1.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-10392

reference_id

CVE-2018-10392

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-10392

reference_url	https://security.gentoo.org/glsa/202003-36
reference_id	GLSA-202003-36
reference_type
scores
url	https://security.gentoo.org/glsa/202003-36

reference_url	https://access.redhat.com/errata/RHSA-2019:3703
reference_id	RHSA-2019:3703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3703

reference_url	https://usn.ubuntu.com/5420-1/
reference_id	USN-5420-1
reference_type
scores
url	https://usn.ubuntu.com/5420-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.3.6-2?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.6-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.6-2%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2018-10392

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-45n4-j354-v3c4

url VCID-49kj-gbcz-6fd1

vulnerability_id VCID-49kj-gbcz-6fd1

summary

A buffer overflow vulnerability and several memory corruptions have been
    discovered in libvorbis.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4066.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4066.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-4066

reference_id

reference_type

scores

value	0.01248
scoring_system	epss
scoring_elements	0.79261
published_at	2026-04-01T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79268
published_at	2026-04-02T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79292
published_at	2026-04-04T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79277
published_at	2026-04-07T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79303
published_at	2026-04-08T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79313
published_at	2026-04-09T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79336
published_at	2026-04-16T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.7932
published_at	2026-04-12T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79309
published_at	2026-04-13T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79332
published_at	2026-04-18T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79333
published_at	2026-04-21T12:55:00Z

value	0.01248
scoring_system	epss
scoring_elements	0.79366
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-4066

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4066
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4066

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=249780
reference_id	249780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=249780

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://security.gentoo.org/glsa/200710-03
reference_id	GLSA-200710-03
reference_type
scores
url	https://security.gentoo.org/glsa/200710-03

reference_url	https://access.redhat.com/errata/RHSA-2007:0845
reference_id	RHSA-2007:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0845

reference_url	https://access.redhat.com/errata/RHSA-2007:0912
reference_id	RHSA-2007:0912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0912

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.0.dfsg-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.0.dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2007-4066

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-49kj-gbcz-6fd1

url VCID-55cd-r9yc-nfan

vulnerability_id VCID-55cd-r9yc-nfan

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3379.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3379.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3379

reference_id

reference_type

scores

value	0.04866
scoring_system	epss
scoring_elements	0.8958
published_at	2026-04-24T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89515
published_at	2026-04-01T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89519
published_at	2026-04-02T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89532
published_at	2026-04-07T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89548
published_at	2026-04-08T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89553
published_at	2026-04-09T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.8956
published_at	2026-04-11T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89559
published_at	2026-04-12T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89554
published_at	2026-04-13T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89567
published_at	2026-04-16T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89569
published_at	2026-04-18T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89565
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3379

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=531765
reference_id	531765
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=531765

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379
reference_id	CVE-2009-3379
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-63

reference_id

mfsa2009-63

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-63

reference_url	https://access.redhat.com/errata/RHSA-2009:1561
reference_id	RHSA-2009:1561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1561

reference_url	https://usn.ubuntu.com/861-1/
reference_id	USN-861-1
reference_type
scores
url	https://usn.ubuntu.com/861-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.3-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.3-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2009-3379

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-55cd-r9yc-nfan

url VCID-6qp9-715s-8kdu

vulnerability_id VCID-6qp9-715s-8kdu

summary

Multiple vulnerabilities have been found in libvorbis, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10393.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10393.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-10393

reference_id

reference_type

scores

value	0.00379
scoring_system	epss
scoring_elements	0.59331
published_at	2026-04-01T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59438
published_at	2026-04-24T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59474
published_at	2026-04-16T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59481
published_at	2026-04-18T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59464
published_at	2026-04-21T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59404
published_at	2026-04-02T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59428
published_at	2026-04-04T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59393
published_at	2026-04-07T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59444
published_at	2026-04-08T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59458
published_at	2026-04-09T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59476
published_at	2026-04-11T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.5946
published_at	2026-04-12T12:55:00Z

value	0.00379
scoring_system	epss
scoring_elements	0.59442
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-10393

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10393
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10393

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.xiph.org/xiph/vorbis/issues/2334
reference_id
reference_type
scores
url	https://gitlab.xiph.org/xiph/vorbis/issues/2334

reference_url	https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html

reference_url	https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1574194
reference_id	1574194
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1574194

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876780
reference_id	876780
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.6:::::::*
reference_id	cpe:2.3:a:xiph.org:libvorbis:1.3.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-10393

reference_id

CVE-2018-10393

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-10393

reference_url	https://security.gentoo.org/glsa/202003-36
reference_id	GLSA-202003-36
reference_type
scores
url	https://security.gentoo.org/glsa/202003-36

reference_url	https://access.redhat.com/errata/RHSA-2019:3703
reference_id	RHSA-2019:3703
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3703

reference_url	https://usn.ubuntu.com/5420-1/
reference_id	USN-5420-1
reference_type
scores
url	https://usn.ubuntu.com/5420-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.3.6-2?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.6-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.6-2%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2018-10393

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6qp9-715s-8kdu

url VCID-8qdb-sj7v-c3cb

vulnerability_id VCID-8qdb-sj7v-c3cb

summary

Multiple vulnerabilities in libvorbis might lead to the execution of
    arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1420.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1420.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1420

reference_id

reference_type

scores

value	0.08948
scoring_system	epss
scoring_elements	0.92558
published_at	2026-04-01T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92564
published_at	2026-04-02T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92571
published_at	2026-04-04T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92573
published_at	2026-04-07T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92584
published_at	2026-04-08T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92589
published_at	2026-04-09T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92595
published_at	2026-04-12T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92594
published_at	2026-04-13T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92608
published_at	2026-04-16T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92607
published_at	2026-04-18T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.9261
published_at	2026-04-21T12:55:00Z

value	0.08948
scoring_system	epss
scoring_elements	0.92613
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1420

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=440706
reference_id	440706
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=440706

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518
reference_id	482518
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518

reference_url	https://security.gentoo.org/glsa/200806-09
reference_id	GLSA-200806-09
reference_type
scores
url	https://security.gentoo.org/glsa/200806-09

reference_url	https://access.redhat.com/errata/RHSA-2008:0270
reference_id	RHSA-2008:0270
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0270

reference_url	https://access.redhat.com/errata/RHSA-2008:0271
reference_id	RHSA-2008:0271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0271

reference_url	https://usn.ubuntu.com/682-1/
reference_id	USN-682-1
reference_type
scores
url	https://usn.ubuntu.com/682-1/

reference_url	https://usn.ubuntu.com/825-1/
reference_id	USN-825-1
reference_type
scores
url	https://usn.ubuntu.com/825-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2008-1420

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8qdb-sj7v-c3cb

url VCID-bv67-87hf-byf5

vulnerability_id VCID-bv67-87hf-byf5

summary

A buffer overflow vulnerability and several memory corruptions have been
    discovered in libvorbis.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3106.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3106.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-3106

reference_id

reference_type

scores

value	0.03005
scoring_system	epss
scoring_elements	0.86517
published_at	2026-04-01T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86527
published_at	2026-04-02T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86546
published_at	2026-04-04T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86545
published_at	2026-04-07T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86564
published_at	2026-04-08T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86574
published_at	2026-04-09T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86589
published_at	2026-04-21T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86585
published_at	2026-04-12T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86578
published_at	2026-04-13T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86592
published_at	2026-04-16T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86597
published_at	2026-04-18T12:55:00Z

value	0.03005
scoring_system	epss
scoring_elements	0.86607
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-3106

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3106

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=245991
reference_id	245991
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=245991

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://security.gentoo.org/glsa/200710-03
reference_id	GLSA-200710-03
reference_type
scores
url	https://security.gentoo.org/glsa/200710-03

reference_url	https://access.redhat.com/errata/RHSA-2007:0845
reference_id	RHSA-2007:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0845

reference_url	https://access.redhat.com/errata/RHSA-2007:0912
reference_id	RHSA-2007:0912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0912

reference_url	https://usn.ubuntu.com/498-1/
reference_id	USN-498-1
reference_type
scores
url	https://usn.ubuntu.com/498-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.0.dfsg-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.0.dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2007-3106

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bv67-87hf-byf5

url VCID-c3vm-d9f5-2kcj

vulnerability_id VCID-c3vm-d9f5-2kcj

summary

Multiple vulnerabilities in libvorbis might lead to the execution of
    arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1419.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1419

reference_id

reference_type

scores

value	0.13143
scoring_system	epss
scoring_elements	0.94079
published_at	2026-04-01T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94089
published_at	2026-04-02T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94099
published_at	2026-04-04T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94103
published_at	2026-04-07T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94112
published_at	2026-04-08T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94116
published_at	2026-04-09T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94121
published_at	2026-04-13T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94137
published_at	2026-04-16T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94142
published_at	2026-04-21T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94145
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=440700
reference_id	440700
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=440700

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518
reference_id	482518
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://security.gentoo.org/glsa/200806-09
reference_id	GLSA-200806-09
reference_type
scores
url	https://security.gentoo.org/glsa/200806-09

reference_url	https://access.redhat.com/errata/RHSA-2008:0270
reference_id	RHSA-2008:0270
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0270

reference_url	https://access.redhat.com/errata/RHSA-2008:0271
reference_id	RHSA-2008:0271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0271

reference_url	https://usn.ubuntu.com/682-1/
reference_id	USN-682-1
reference_type
scores
url	https://usn.ubuntu.com/682-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2008-1419

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3vm-d9f5-2kcj

url VCID-dgfg-2eq3-5ybm

vulnerability_id VCID-dgfg-2eq3-5ybm

summary

A buffer overflow vulnerability and several memory corruptions have been
    discovered in libvorbis.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4029.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4029.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-4029

reference_id

reference_type

scores

value	0.01627
scoring_system	epss
scoring_elements	0.818
published_at	2026-04-01T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.8181
published_at	2026-04-02T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.81833
published_at	2026-04-04T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.8183
published_at	2026-04-07T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.81856
published_at	2026-04-08T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.81863
published_at	2026-04-09T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.81882
published_at	2026-04-11T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.8187
published_at	2026-04-12T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.81865
published_at	2026-04-13T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.81901
published_at	2026-04-18T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.81904
published_at	2026-04-21T12:55:00Z

value	0.01627
scoring_system	epss
scoring_elements	0.81927
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-4029

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4029

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=249780
reference_id	249780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=249780

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437916
reference_id	437916
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=437916

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://security.gentoo.org/glsa/200710-03
reference_id	GLSA-200710-03
reference_type
scores
url	https://security.gentoo.org/glsa/200710-03

reference_url	https://access.redhat.com/errata/RHSA-2007:0845
reference_id	RHSA-2007:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0845

reference_url	https://access.redhat.com/errata/RHSA-2007:0912
reference_id	RHSA-2007:0912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0912

reference_url	https://usn.ubuntu.com/498-1/
reference_id	USN-498-1
reference_type
scores
url	https://usn.ubuntu.com/498-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.0.dfsg-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.0.dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2007-4029

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgfg-2eq3-5ybm

url VCID-fdue-dg92-13cp

vulnerability_id VCID-fdue-dg92-13cp

summary

Multiple vulnerabilities have been found in Mozilla Thunderbird,
    the worst of which could lead to the execution of arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5146.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5146.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-5146

reference_id

reference_type

scores

value	0.41108
scoring_system	epss
scoring_elements	0.97373
published_at	2026-04-07T12:55:00Z

value	0.41108
scoring_system	epss
scoring_elements	0.9738
published_at	2026-04-08T12:55:00Z

value	0.41108
scoring_system	epss
scoring_elements	0.97368
published_at	2026-04-02T12:55:00Z

value	0.41108
scoring_system	epss
scoring_elements	0.97361
published_at	2026-04-01T12:55:00Z

value	0.41108
scoring_system	epss
scoring_elements	0.97384
published_at	2026-04-12T12:55:00Z

value	0.41108
scoring_system	epss
scoring_elements	0.97383
published_at	2026-04-11T12:55:00Z

value	0.41108
scoring_system	epss
scoring_elements	0.97381
published_at	2026-04-09T12:55:00Z

value	0.44797
scoring_system	epss
scoring_elements	0.97587
published_at	2026-04-16T12:55:00Z

value	0.44797
scoring_system	epss
scoring_elements	0.97579
published_at	2026-04-13T12:55:00Z

value	0.55641
scoring_system	epss
scoring_elements	0.98089
published_at	2026-04-24T12:55:00Z

value	0.55641
scoring_system	epss
scoring_elements	0.98092
published_at	2026-04-18T12:55:00Z

value	0.55641
scoring_system	epss
scoring_elements	0.98088
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-5146

reference_url	https://bugzilla.mozilla.org/show_bug.cgi?id=1446062
reference_id
reference_type
scores
url	https://bugzilla.mozilla.org/show_bug.cgi?id=1446062

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5125

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5127

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5129

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5144

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5145

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5146

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5147
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5147

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/03/msg00022.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/03/msg00022.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/03/msg00029.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/04/msg00033.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/04/msg00033.html

reference_url	https://www.debian.org/security/2018/dsa-4140
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4140

reference_url	https://www.debian.org/security/2018/dsa-4143
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4143

reference_url	https://www.debian.org/security/2018/dsa-4155
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4155

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-08/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-08/

reference_url	https://www.mozilla.org/security/advisories/mfsa2018-09/
reference_id
reference_type
scores
url	https://www.mozilla.org/security/advisories/mfsa2018-09/

reference_url	http://www.securityfocus.com/bid/103432
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/103432

reference_url	http://www.securitytracker.com/id/1040544
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1040544

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1557221
reference_id	1557221
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1557221

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893130
reference_id	893130
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893130

reference_url	https://security.archlinux.org/ASA-201803-12
reference_id	ASA-201803-12
reference_type
scores
url	https://security.archlinux.org/ASA-201803-12

reference_url	https://security.archlinux.org/ASA-201803-13
reference_id	ASA-201803-13
reference_type
scores
url	https://security.archlinux.org/ASA-201803-13

reference_url	https://security.archlinux.org/ASA-201803-21
reference_id	ASA-201803-21
reference_type
scores
url	https://security.archlinux.org/ASA-201803-21

reference_url	https://security.archlinux.org/ASA-201803-22
reference_id	ASA-201803-22
reference_type
scores
url	https://security.archlinux.org/ASA-201803-22

reference_url

https://security.archlinux.org/AVG-367

reference_id

AVG-367

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-367

reference_url

https://security.archlinux.org/AVG-657

reference_id

AVG-657

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-657

reference_url

https://security.archlinux.org/AVG-658

reference_id

AVG-658

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-658

reference_url

https://security.archlinux.org/AVG-663

reference_id

AVG-663

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-663

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::
reference_id	cpe:2.3:a:mozilla:firefox::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:firefox::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::
reference_id	cpe:2.3:a:mozilla:thunderbird::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:thunderbird::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-5146

reference_id

CVE-2018-5146

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-5146

reference_url	https://security.gentoo.org/glsa/201811-13
reference_id	GLSA-201811-13
reference_type
scores
url	https://security.gentoo.org/glsa/201811-13

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-08

reference_id

mfsa2018-08

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-08

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-09

reference_id

mfsa2018-09

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2018-09

reference_url	https://access.redhat.com/errata/RHSA-2018:0549
reference_id	RHSA-2018:0549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0549

reference_url	https://access.redhat.com/errata/RHSA-2018:0647
reference_id	RHSA-2018:0647
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0647

reference_url	https://access.redhat.com/errata/RHSA-2018:0648
reference_id	RHSA-2018:0648
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0648

reference_url	https://access.redhat.com/errata/RHSA-2018:0649
reference_id	RHSA-2018:0649
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:0649

reference_url	https://access.redhat.com/errata/RHSA-2018:1058
reference_id	RHSA-2018:1058
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1058

reference_url	https://usn.ubuntu.com/3545-1/
reference_id	USN-3545-1
reference_type
scores
url	https://usn.ubuntu.com/3545-1/

reference_url	https://usn.ubuntu.com/3599-1/
reference_id	USN-3599-1
reference_type
scores
url	https://usn.ubuntu.com/3599-1/

reference_url	https://usn.ubuntu.com/3604-1/
reference_id	USN-3604-1
reference_type
scores
url	https://usn.ubuntu.com/3604-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.3.5-4.2?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.5-4.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.5-4.2%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2018-5146

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fdue-dg92-13cp

url VCID-gajm-zb2s-ukgz

vulnerability_id VCID-gajm-zb2s-ukgz

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0444.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0444.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0444

reference_id

reference_type

scores

value	0.08566
scoring_system	epss
scoring_elements	0.92425
published_at	2026-04-24T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92368
published_at	2026-04-01T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92375
published_at	2026-04-02T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92382
published_at	2026-04-04T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92386
published_at	2026-04-07T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92398
published_at	2026-04-08T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92402
published_at	2026-04-09T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92408
published_at	2026-04-11T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92411
published_at	2026-04-12T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92409
published_at	2026-04-13T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.9242
published_at	2026-04-16T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92419
published_at	2026-04-18T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92421
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0444

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664197
reference_id	664197
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664197

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=786026
reference_id	786026
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=786026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444
reference_id	CVE-2012-0444
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2012-07

reference_id

mfsa2012-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2012-07

reference_url	https://access.redhat.com/errata/RHSA-2012:0079
reference_id	RHSA-2012:0079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0079

reference_url	https://access.redhat.com/errata/RHSA-2012:0136
reference_id	RHSA-2012:0136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0136

reference_url	https://usn.ubuntu.com/1350-1/
reference_id	USN-1350-1
reference_type
scores
url	https://usn.ubuntu.com/1350-1/

reference_url	https://usn.ubuntu.com/1353-1/
reference_id	USN-1353-1
reference_type
scores
url	https://usn.ubuntu.com/1353-1/

reference_url	https://usn.ubuntu.com/1355-1/
reference_id	USN-1355-1
reference_type
scores
url	https://usn.ubuntu.com/1355-1/

reference_url	https://usn.ubuntu.com/1369-1/
reference_id	USN-1369-1
reference_type
scores
url	https://usn.ubuntu.com/1369-1/

reference_url	https://usn.ubuntu.com/1370-1/
reference_id	USN-1370-1
reference_type
scores
url	https://usn.ubuntu.com/1370-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.3.2-1.2?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.2-1.2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.2-1.2%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2012-0444

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gajm-zb2s-ukgz

url VCID-mddv-hvgp-u3aa

vulnerability_id VCID-mddv-hvgp-u3aa

summary

Multiple vulnerabilities in libvorbis might lead to the execution of
    arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1423.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1423.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1423

reference_id

reference_type

scores

value	0.10744
scoring_system	epss
scoring_elements	0.93303
published_at	2026-04-01T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93312
published_at	2026-04-02T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93317
published_at	2026-04-04T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93316
published_at	2026-04-07T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93324
published_at	2026-04-08T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93329
published_at	2026-04-09T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93333
published_at	2026-04-13T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93332
published_at	2026-04-12T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.9335
published_at	2026-04-16T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93355
published_at	2026-04-18T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93362
published_at	2026-04-21T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93367
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1423

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=440709
reference_id	440709
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=440709

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518
reference_id	482518
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://security.gentoo.org/glsa/200806-09
reference_id	GLSA-200806-09
reference_type
scores
url	https://security.gentoo.org/glsa/200806-09

reference_url	https://access.redhat.com/errata/RHSA-2008:0270
reference_id	RHSA-2008:0270
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0270

reference_url	https://access.redhat.com/errata/RHSA-2008:0271
reference_id	RHSA-2008:0271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0271

reference_url	https://usn.ubuntu.com/682-1/
reference_id	USN-682-1
reference_type
scores
url	https://usn.ubuntu.com/682-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-3.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2008-1423

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mddv-hvgp-u3aa

url VCID-mekv-71pb-mfdw

vulnerability_id VCID-mekv-71pb-mfdw

summary

A buffer overflow vulnerability and several memory corruptions have been
    discovered in libvorbis.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4065.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4065.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2007-4065

reference_id

reference_type

scores

value	0.05346
scoring_system	epss
scoring_elements	0.90029
published_at	2026-04-01T12:55:00Z

value	0.05346
scoring_system	epss
scoring_elements	0.90032
published_at	2026-04-02T12:55:00Z

value	0.05346
scoring_system	epss
scoring_elements	0.90043
published_at	2026-04-04T12:55:00Z

value	0.05346
scoring_system	epss
scoring_elements	0.90048
published_at	2026-04-07T12:55:00Z

value	0.05346
scoring_system	epss
scoring_elements	0.90063
published_at	2026-04-08T12:55:00Z

value	0.05346
scoring_system	epss
scoring_elements	0.90069
published_at	2026-04-09T12:55:00Z

value	0.05424
scoring_system	epss
scoring_elements	0.90166
published_at	2026-04-11T12:55:00Z

value	0.05424
scoring_system	epss
scoring_elements	0.90164
published_at	2026-04-12T12:55:00Z

value	0.05424
scoring_system	epss
scoring_elements	0.90159
published_at	2026-04-13T12:55:00Z

value	0.05424
scoring_system	epss
scoring_elements	0.90177
published_at	2026-04-18T12:55:00Z

value	0.05424
scoring_system	epss
scoring_elements	0.90173
published_at	2026-04-21T12:55:00Z

value	0.05424
scoring_system	epss
scoring_elements	0.90188
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2007-4065

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4065
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4065

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=249780
reference_id	249780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=249780

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://security.gentoo.org/glsa/200710-03
reference_id	GLSA-200710-03
reference_type
scores
url	https://security.gentoo.org/glsa/200710-03

reference_url	https://access.redhat.com/errata/RHSA-2007:0845
reference_id	RHSA-2007:0845
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0845

reference_url	https://access.redhat.com/errata/RHSA-2007:0912
reference_id	RHSA-2007:0912
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2007:0912

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.0.dfsg-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.0.dfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2007-4065

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mekv-71pb-mfdw

url VCID-qvsc-tr3r-9fc9

vulnerability_id VCID-qvsc-tr3r-9fc9

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11333.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-11333.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-11333

reference_id

reference_type

scores

value	0.02385
scoring_system	epss
scoring_elements	0.84929
published_at	2026-04-01T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.8505
published_at	2026-04-24T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.85028
published_at	2026-04-18T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.85025
published_at	2026-04-21T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.84943
published_at	2026-04-02T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.84961
published_at	2026-04-04T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.84965
published_at	2026-04-07T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.84988
published_at	2026-04-08T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.84995
published_at	2026-04-09T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.85011
published_at	2026-04-11T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.85009
published_at	2026-04-12T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.85005
published_at	2026-04-13T12:55:00Z

value	0.02385
scoring_system	epss
scoring_elements	0.85026
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-11333

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11333
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11333

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1480643
reference_id	1480643
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1480643

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870341
reference_id	870341
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870341

reference_url	https://security.archlinux.org/ASA-201803-12
reference_id	ASA-201803-12
reference_type
scores
url	https://security.archlinux.org/ASA-201803-12

reference_url

https://security.archlinux.org/AVG-367

reference_id

AVG-367

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-367

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42399.txt
reference_id	CVE-2017-11735;CVE-2017-11333
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42399.txt

fixed_packages

url	pkg:deb/debian/libvorbis@1.3.5-4.1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.5-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.5-4.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2017-11333

risk_score 10.0

exploitability 2.0

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvsc-tr3r-9fc9

url VCID-ukgq-ajbx-dug6

vulnerability_id VCID-ukgq-ajbx-dug6

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14632.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14632.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14632

reference_id

reference_type

scores

value	0.06507
scoring_system	epss
scoring_elements	0.91056
published_at	2026-04-01T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.91147
published_at	2026-04-24T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.91098
published_at	2026-04-09T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.91106
published_at	2026-04-11T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.91107
published_at	2026-04-13T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.91131
published_at	2026-04-16T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.9113
published_at	2026-04-18T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.91133
published_at	2026-04-21T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.91061
published_at	2026-04-02T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.9107
published_at	2026-04-04T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.91079
published_at	2026-04-07T12:55:00Z

value	0.06507
scoring_system	epss
scoring_elements	0.91092
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14632

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11333
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11333

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.xiph.org/xiph/vorbis/issues/2328
reference_id
reference_type
scores
url	https://gitlab.xiph.org/xiph/vorbis/issues/2328

reference_url	https://lists.debian.org/debian-lts-announce/2018/04/msg00033.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/04/msg00033.html

reference_url	https://www.debian.org/security/2018/dsa-4113
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4113

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499952
reference_id	1499952
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499952

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876779
reference_id	876779
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876779

reference_url	https://security.archlinux.org/ASA-201803-12
reference_id	ASA-201803-12
reference_type
scores
url	https://security.archlinux.org/ASA-201803-12

reference_url	https://security.archlinux.org/ASA-201803-21
reference_id	ASA-201803-21
reference_type
scores
url	https://security.archlinux.org/ASA-201803-21

reference_url

https://security.archlinux.org/AVG-367

reference_id

AVG-367

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-367

reference_url

https://security.archlinux.org/AVG-658

reference_id

AVG-658

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-658

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.5:::::::*
reference_id	cpe:2.3:a:xiph.org:libvorbis:1.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14632

reference_id

CVE-2017-14632

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14632

reference_url	https://usn.ubuntu.com/3569-1/
reference_id	USN-3569-1
reference_type
scores
url	https://usn.ubuntu.com/3569-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.3.5-4.1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.5-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.5-4.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2017-14632

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ukgq-ajbx-dug6

url VCID-wst6-s2k4-kkdj

vulnerability_id VCID-wst6-s2k4-kkdj

summary

Multiple vulnerabilities have been found in libvorbis, the worst of
    which could result in a Denial of Service condition.

references

reference_url	http://openwall.com/lists/oss-security/2017/09/21/2
reference_id
reference_type
scores
url	http://openwall.com/lists/oss-security/2017/09/21/2

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14160.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14160.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14160

reference_id

reference_type

scores

value	0.01552
scoring_system	epss
scoring_elements	0.81359
published_at	2026-04-01T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81485
published_at	2026-04-24T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81432
published_at	2026-04-12T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81424
published_at	2026-04-13T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81462
published_at	2026-04-16T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81463
published_at	2026-04-21T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81368
published_at	2026-04-02T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81391
published_at	2026-04-04T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81389
published_at	2026-04-07T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81417
published_at	2026-04-08T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81422
published_at	2026-04-09T12:55:00Z

value	0.01552
scoring_system	epss
scoring_elements	0.81444
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14160

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14160
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14160

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/11/msg00031.html

reference_url	https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/11/msg00023.html

reference_url	http://www.securityfocus.com/bid/101045
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/101045

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499991
reference_id	1499991
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499991

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876780
reference_id	876780
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876780

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.5:::::::*
reference_id	cpe:2.3:a:xiph.org:libvorbis:1.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14160

reference_id

CVE-2017-14160

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14160

reference_url	https://security.gentoo.org/glsa/202003-36
reference_id	GLSA-202003-36
reference_type
scores
url	https://security.gentoo.org/glsa/202003-36

reference_url	https://usn.ubuntu.com/5420-1/
reference_id	USN-5420-1
reference_type
scores
url	https://usn.ubuntu.com/5420-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.3.6-2?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.6-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.6-2%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2017-14160

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wst6-s2k4-kkdj

url VCID-wvm2-2xak-5fbn

vulnerability_id VCID-wvm2-2xak-5fbn

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14633.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14633.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-14633

reference_id

reference_type

scores

value	0.00542
scoring_system	epss
scoring_elements	0.67737
published_at	2026-04-24T12:55:00Z

value	0.00542
scoring_system	epss
scoring_elements	0.67647
published_at	2026-04-07T12:55:00Z

value	0.00542
scoring_system	epss
scoring_elements	0.67698
published_at	2026-04-08T12:55:00Z

value	0.00542
scoring_system	epss
scoring_elements	0.67713
published_at	2026-04-09T12:55:00Z

value	0.00542
scoring_system	epss
scoring_elements	0.67736
published_at	2026-04-18T12:55:00Z

value	0.00542
scoring_system	epss
scoring_elements	0.67721
published_at	2026-04-12T12:55:00Z

value	0.00542
scoring_system	epss
scoring_elements	0.67688
published_at	2026-04-13T12:55:00Z

value	0.00542
scoring_system	epss
scoring_elements	0.67723
published_at	2026-04-16T12:55:00Z

value	0.00542
scoring_system	epss
scoring_elements	0.67717
published_at	2026-04-21T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76929
published_at	2026-04-01T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76935
published_at	2026-04-02T12:55:00Z

value	0.01001
scoring_system	epss
scoring_elements	0.76965
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-14633

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11333
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11333

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14632

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14633

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:N/A:N

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://gitlab.xiph.org/xiph/vorbis/issues/2329
reference_id
reference_type
scores
url	https://gitlab.xiph.org/xiph/vorbis/issues/2329

reference_url	https://lists.debian.org/debian-lts-announce/2018/04/msg00033.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/04/msg00033.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/12/msg00021.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/12/msg00021.html

reference_url	https://www.debian.org/security/2018/dsa-4113
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4113

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1499959
reference_id	1499959
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1499959

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876778
reference_id	876778
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876778

reference_url	https://security.archlinux.org/ASA-201803-12
reference_id	ASA-201803-12
reference_type
scores
url	https://security.archlinux.org/ASA-201803-12

reference_url	https://security.archlinux.org/ASA-201803-21
reference_id	ASA-201803-21
reference_type
scores
url	https://security.archlinux.org/ASA-201803-21

reference_url

https://security.archlinux.org/AVG-367

reference_id

AVG-367

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-367

reference_url

https://security.archlinux.org/AVG-658

reference_id

AVG-658

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-658

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.5:::::::*
reference_id	cpe:2.3:a:xiph.org:libvorbis:1.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xiph.org:libvorbis:1.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-14633

reference_id

CVE-2017-14633

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-14633

reference_url	https://usn.ubuntu.com/3569-1/
reference_id	USN-3569-1
reference_type
scores
url	https://usn.ubuntu.com/3569-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.3.5-4.1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.5-4.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.5-4.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2017-14633

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvm2-2xak-5fbn

url VCID-xdfe-jqzv-rbb4

vulnerability_id VCID-xdfe-jqzv-rbb4

summary

A processing error in libvorbis might result in the execution of arbitrary
    code or a Denial of Service.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2663.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-2663.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-2663

reference_id

reference_type

scores

value	0.02221
scoring_system	epss
scoring_elements	0.84547
published_at	2026-04-24T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84518
published_at	2026-04-18T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.8452
published_at	2026-04-21T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84425
published_at	2026-04-01T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84441
published_at	2026-04-02T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.8446
published_at	2026-04-04T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84461
published_at	2026-04-07T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84482
published_at	2026-04-08T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84488
published_at	2026-04-09T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84507
published_at	2026-04-11T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84501
published_at	2026-04-12T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84496
published_at	2026-04-13T12:55:00Z

value	0.02221
scoring_system	epss
scoring_elements	0.84517
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-2663

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=516259
reference_id	516259
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=516259

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540958
reference_id	540958
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=540958

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663
reference_id	CVE-2009-2663
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2663

reference_url	https://security.gentoo.org/glsa/200909-02
reference_id	GLSA-200909-02
reference_type
scores
url	https://security.gentoo.org/glsa/200909-02

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-45

reference_id

mfsa2009-45

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-45

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-63

reference_id

mfsa2009-63

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-63

reference_url	https://access.redhat.com/errata/RHSA-2009:1219
reference_id	RHSA-2009:1219
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1219

reference_url	https://usn.ubuntu.com/825-1/
reference_id	USN-825-1
reference_type
scores
url	https://usn.ubuntu.com/825-1/

fixed_packages

url	pkg:deb/debian/libvorbis@1.2.0.dfsg-6?distro=trixie
purl	pkg:deb/debian/libvorbis@1.2.0.dfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.2.0.dfsg-6%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-1%3Fdistro=trixie

url	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
purl	pkg:deb/debian/libvorbis@1.3.7-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

aliases CVE-2009-2663

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xdfe-jqzv-rbb4

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbis@1.3.7-3%3Fdistro=trixie

Package Instance