Lookup for vulnerable packages by Package URL.
| Purl | pkg:deb/debian/libytnef@1.9.3-1?distro=trixie |
|---|
| Type | deb |
|---|
| Namespace | debian |
|---|
| Name | libytnef |
|---|
| Version | 1.9.3-1 |
|---|
| Qualifiers |
|
|---|
| Subpath | |
|---|
| Is_vulnerable | false |
|---|
| Next_non_vulnerable_version | 1.9.3-3 |
|---|
| Latest_non_vulnerable_version | 2.1.2-1 |
|---|
| Affected_by_vulnerabilities |
|
|---|
| Fixing_vulnerabilities |
| 0 |
| url |
VCID-21bd-whcr-ekgv |
| vulnerability_id |
VCID-21bd-whcr-ekgv |
| summary |
In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-12141 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38665 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38794 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38815 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38743 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38793 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38804 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38816 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.3878 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38752 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38798 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38776 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38696 |
| published_at |
2026-04-21T12:55:00Z |
|
| 12 |
| value |
0.00174 |
| scoring_system |
epss |
| scoring_elements |
0.38541 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-12141 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-12141
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-21bd-whcr-ekgv |
|
| 1 |
| url |
VCID-2zd4-eyeq-27dd |
| vulnerability_id |
VCID-2zd4-eyeq-27dd |
| summary |
In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9471 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45393 |
| published_at |
2026-04-24T12:55:00Z |
|
| 1 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45467 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45489 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45433 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45488 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45509 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45479 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.4548 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45531 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45528 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00227 |
| scoring_system |
epss |
| scoring_elements |
0.45478 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9471 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-9471
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2zd4-eyeq-27dd |
|
| 2 |
| url |
VCID-8esx-t2u5-e3hq |
| vulnerability_id |
VCID-8esx-t2u5-e3hq |
| summary |
The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9146 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69629 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69641 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69657 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69635 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69685 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69702 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69725 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.6971 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69697 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69737 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69746 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69727 |
| published_at |
2026-04-21T12:55:00Z |
|
| 12 |
| value |
0.00608 |
| scoring_system |
epss |
| scoring_elements |
0.69778 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9146 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-9146
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8esx-t2u5-e3hq |
|
| 3 |
| url |
VCID-efxj-4v6j-fbaa |
| vulnerability_id |
VCID-efxj-4v6j-fbaa |
| summary |
In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9474 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41465 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41555 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41583 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41509 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41559 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41568 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.4159 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41557 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41543 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41588 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41563 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41487 |
| published_at |
2026-04-21T12:55:00Z |
|
| 12 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.4138 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9474 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-9474
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-efxj-4v6j-fbaa |
|
| 4 |
| url |
VCID-nrgn-8ky2-pyec |
| vulnerability_id |
VCID-nrgn-8ky2-pyec |
| summary |
In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-12142 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36308 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36483 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36517 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36355 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36405 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36425 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36432 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36397 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36375 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36416 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36399 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36344 |
| published_at |
2026-04-21T12:55:00Z |
|
| 12 |
| value |
0.00156 |
| scoring_system |
epss |
| scoring_elements |
0.36121 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-12142 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-12142
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nrgn-8ky2-pyec |
|
| 5 |
| url |
VCID-qkuz-r9a9-vqbx |
| vulnerability_id |
VCID-qkuz-r9a9-vqbx |
| summary |
In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9472 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41465 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41555 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41583 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41509 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41559 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41568 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.4159 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41557 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41543 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41588 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41563 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.41487 |
| published_at |
2026-04-21T12:55:00Z |
|
| 12 |
| value |
0.00196 |
| scoring_system |
epss |
| scoring_elements |
0.4138 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9472 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-9472
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qkuz-r9a9-vqbx |
|
| 6 |
| url |
VCID-sag4-mswc-hbg5 |
| vulnerability_id |
VCID-sag4-mswc-hbg5 |
| summary |
In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9473 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49523 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49553 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49581 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49533 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49589 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49583 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.496 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49571 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49572 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49619 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49617 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49587 |
| published_at |
2026-04-21T12:55:00Z |
|
| 12 |
| value |
0.00262 |
| scoring_system |
epss |
| scoring_elements |
0.49578 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9473 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-9473
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sag4-mswc-hbg5 |
|
| 7 |
| url |
VCID-uar8-sxnf-efhs |
| vulnerability_id |
VCID-uar8-sxnf-efhs |
| summary |
In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-12144 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55777 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.5589 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55911 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55941 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55943 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55952 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55932 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55914 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.5595 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55954 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55929 |
| published_at |
2026-04-21T12:55:00Z |
|
| 11 |
| value |
0.00329 |
| scoring_system |
epss |
| scoring_elements |
0.55855 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-12144 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-12144
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uar8-sxnf-efhs |
|
| 8 |
| url |
VCID-ujwn-5uux-gygu |
| vulnerability_id |
VCID-ujwn-5uux-gygu |
| summary |
In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9470 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45292 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45372 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45392 |
| published_at |
2026-04-09T12:55:00Z |
|
| 3 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45336 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45391 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45413 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45382 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45383 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45435 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4543 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.4538 |
| published_at |
2026-04-21T12:55:00Z |
|
| 11 |
| value |
0.00226 |
| scoring_system |
epss |
| scoring_elements |
0.45293 |
| published_at |
2026-04-24T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-9470 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-9470
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ujwn-5uux-gygu |
|
|
|---|
| Risk_score | null |
|---|
| Resource_url | http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1%3Fdistro=trixie |
|---|