Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-7r2a-ega4-cbbh

Summary

Improper Restriction of Operations within the Bounds of a Memory Buffer
OpenCV has a Buffer Overflow in the cv::PxMDecoder::readData function in grfmt_pxm.cpp, because an incorrect size value is used.

Aliases

alias	CVE-2017-17760

alias	GHSA-jcxv-2j3h-mg59

Fixed_packages

url pkg:deb/debian/opencv@3.2.0%2Bdfsg-6

purl pkg:deb/debian/opencv@3.2.0%2Bdfsg-6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1qhy-7pnz-aqga

vulnerability	VCID-21n5-7ukh-gyfr

vulnerability	VCID-25vm-cytf-bqb1

vulnerability	VCID-3zc6-3229-wfcc

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-dv7w-p358-1qda

vulnerability	VCID-fjy7-r2wm-n3b4

vulnerability	VCID-jypn-sttp-tkgm

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6

url	pkg:deb/debian/opencv@3.2.0%2Bdfsg-6?distro=trixie
purl	pkg:deb/debian/opencv@3.2.0%2Bdfsg-6?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@3.2.0%252Bdfsg-6%3Fdistro=trixie

url	pkg:deb/debian/opencv@4.5.1%2Bdfsg-5?distro=trixie
purl	pkg:deb/debian/opencv@4.5.1%2Bdfsg-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.5.1%252Bdfsg-5%3Fdistro=trixie

url	pkg:deb/debian/opencv@4.6.0%2Bdfsg-12?distro=trixie
purl	pkg:deb/debian/opencv@4.6.0%2Bdfsg-12?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.6.0%252Bdfsg-12%3Fdistro=trixie

url	pkg:deb/debian/opencv@4.10.0%2Bdfsg-5?distro=trixie
purl	pkg:deb/debian/opencv@4.10.0%2Bdfsg-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.10.0%252Bdfsg-5%3Fdistro=trixie

url	pkg:deb/debian/opencv@4.10.0%2Bdfsg-7?distro=trixie
purl	pkg:deb/debian/opencv@4.10.0%2Bdfsg-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@4.10.0%252Bdfsg-7%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/opencv@0.9.5-10

purl pkg:deb/debian/opencv@0.9.5-10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bk1-pc9v-ykgv

vulnerability	VCID-1qhy-7pnz-aqga

vulnerability	VCID-21n5-7ukh-gyfr

vulnerability	VCID-22su-dw4m-pfe6

vulnerability	VCID-25vm-cytf-bqb1

vulnerability	VCID-2dwz-2v5y-4qeb

vulnerability	VCID-3zc6-3229-wfcc

vulnerability	VCID-4t6y-22xf-3ueq

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-b7m4-s1rg-wqe7

vulnerability	VCID-dv7w-p358-1qda

vulnerability	VCID-dw95-fpkf-pfew

vulnerability	VCID-e6gy-hka8-9bae

vulnerability	VCID-fjy7-r2wm-n3b4

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-jwwm-5zrf-a3af

vulnerability	VCID-jypn-sttp-tkgm

vulnerability	VCID-jzve-9vvd-mued

vulnerability	VCID-m3rr-ppwn-5kd8

vulnerability	VCID-qz2a-2d4y-y7hq

vulnerability	VCID-s11e-t19f-kfe4

vulnerability	VCID-syem-z8g2-n7h2

vulnerability	VCID-ttbc-7ys4-wfdw

vulnerability	VCID-vtbm-x7bk-tqgv

vulnerability	VCID-w461-q9h5-pfdg

vulnerability	VCID-yjd6-1et5-vqer

vulnerability	VCID-yjsn-xjss-wqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@0.9.5-10

url pkg:deb/debian/opencv@0.9.7-4

purl pkg:deb/debian/opencv@0.9.7-4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bk1-pc9v-ykgv

vulnerability	VCID-1qhy-7pnz-aqga

vulnerability	VCID-21n5-7ukh-gyfr

vulnerability	VCID-22su-dw4m-pfe6

vulnerability	VCID-25vm-cytf-bqb1

vulnerability	VCID-2dwz-2v5y-4qeb

vulnerability	VCID-3zc6-3229-wfcc

vulnerability	VCID-4t6y-22xf-3ueq

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-b7m4-s1rg-wqe7

vulnerability	VCID-dv7w-p358-1qda

vulnerability	VCID-dw95-fpkf-pfew

vulnerability	VCID-e6gy-hka8-9bae

vulnerability	VCID-fjy7-r2wm-n3b4

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-jwwm-5zrf-a3af

vulnerability	VCID-jypn-sttp-tkgm

vulnerability	VCID-jzve-9vvd-mued

vulnerability	VCID-m3rr-ppwn-5kd8

vulnerability	VCID-qz2a-2d4y-y7hq

vulnerability	VCID-s11e-t19f-kfe4

vulnerability	VCID-syem-z8g2-n7h2

vulnerability	VCID-ttbc-7ys4-wfdw

vulnerability	VCID-vtbm-x7bk-tqgv

vulnerability	VCID-w461-q9h5-pfdg

vulnerability	VCID-yjd6-1et5-vqer

vulnerability	VCID-yjsn-xjss-wqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@0.9.7-4

url pkg:deb/debian/opencv@1.0.0-6.1

purl pkg:deb/debian/opencv@1.0.0-6.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bk1-pc9v-ykgv

vulnerability	VCID-1qhy-7pnz-aqga

vulnerability	VCID-21n5-7ukh-gyfr

vulnerability	VCID-22su-dw4m-pfe6

vulnerability	VCID-25vm-cytf-bqb1

vulnerability	VCID-2dwz-2v5y-4qeb

vulnerability	VCID-3zc6-3229-wfcc

vulnerability	VCID-4t6y-22xf-3ueq

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-b7m4-s1rg-wqe7

vulnerability	VCID-dv7w-p358-1qda

vulnerability	VCID-dw95-fpkf-pfew

vulnerability	VCID-e6gy-hka8-9bae

vulnerability	VCID-fjy7-r2wm-n3b4

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-jwwm-5zrf-a3af

vulnerability	VCID-jypn-sttp-tkgm

vulnerability	VCID-jzve-9vvd-mued

vulnerability	VCID-m3rr-ppwn-5kd8

vulnerability	VCID-qz2a-2d4y-y7hq

vulnerability	VCID-s11e-t19f-kfe4

vulnerability	VCID-syem-z8g2-n7h2

vulnerability	VCID-ttbc-7ys4-wfdw

vulnerability	VCID-vtbm-x7bk-tqgv

vulnerability	VCID-w461-q9h5-pfdg

vulnerability	VCID-yjd6-1et5-vqer

vulnerability	VCID-yjsn-xjss-wqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@1.0.0-6.1

url pkg:deb/debian/opencv@2.1.0-3%2Bsqueeze1

purl pkg:deb/debian/opencv@2.1.0-3%2Bsqueeze1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bk1-pc9v-ykgv

vulnerability	VCID-1qhy-7pnz-aqga

vulnerability	VCID-21n5-7ukh-gyfr

vulnerability	VCID-22su-dw4m-pfe6

vulnerability	VCID-25vm-cytf-bqb1

vulnerability	VCID-2dwz-2v5y-4qeb

vulnerability	VCID-3zc6-3229-wfcc

vulnerability	VCID-4t6y-22xf-3ueq

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-b7m4-s1rg-wqe7

vulnerability	VCID-dv7w-p358-1qda

vulnerability	VCID-dw95-fpkf-pfew

vulnerability	VCID-e6gy-hka8-9bae

vulnerability	VCID-fjy7-r2wm-n3b4

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-jwwm-5zrf-a3af

vulnerability	VCID-jypn-sttp-tkgm

vulnerability	VCID-jzve-9vvd-mued

vulnerability	VCID-m3rr-ppwn-5kd8

vulnerability	VCID-qz2a-2d4y-y7hq

vulnerability	VCID-s11e-t19f-kfe4

vulnerability	VCID-syem-z8g2-n7h2

vulnerability	VCID-ttbc-7ys4-wfdw

vulnerability	VCID-vtbm-x7bk-tqgv

vulnerability	VCID-w461-q9h5-pfdg

vulnerability	VCID-yjd6-1et5-vqer

vulnerability	VCID-yjsn-xjss-wqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@2.1.0-3%252Bsqueeze1

url pkg:deb/debian/opencv@2.3.1-11%2Bdeb7u1

purl pkg:deb/debian/opencv@2.3.1-11%2Bdeb7u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bk1-pc9v-ykgv

vulnerability	VCID-1qhy-7pnz-aqga

vulnerability	VCID-21n5-7ukh-gyfr

vulnerability	VCID-22su-dw4m-pfe6

vulnerability	VCID-25vm-cytf-bqb1

vulnerability	VCID-2dwz-2v5y-4qeb

vulnerability	VCID-3zc6-3229-wfcc

vulnerability	VCID-4t6y-22xf-3ueq

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-b7m4-s1rg-wqe7

vulnerability	VCID-dv7w-p358-1qda

vulnerability	VCID-dw95-fpkf-pfew

vulnerability	VCID-e6gy-hka8-9bae

vulnerability	VCID-fjy7-r2wm-n3b4

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-jwwm-5zrf-a3af

vulnerability	VCID-jypn-sttp-tkgm

vulnerability	VCID-jzve-9vvd-mued

vulnerability	VCID-m3rr-ppwn-5kd8

vulnerability	VCID-qz2a-2d4y-y7hq

vulnerability	VCID-s11e-t19f-kfe4

vulnerability	VCID-syem-z8g2-n7h2

vulnerability	VCID-ttbc-7ys4-wfdw

vulnerability	VCID-vtbm-x7bk-tqgv

vulnerability	VCID-w461-q9h5-pfdg

vulnerability	VCID-yjd6-1et5-vqer

vulnerability	VCID-yjsn-xjss-wqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@2.3.1-11%252Bdeb7u1

url pkg:deb/debian/opencv@2.4.9.1%2Bdfsg-1

purl pkg:deb/debian/opencv@2.4.9.1%2Bdfsg-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bk1-pc9v-ykgv

vulnerability	VCID-1qhy-7pnz-aqga

vulnerability	VCID-21n5-7ukh-gyfr

vulnerability	VCID-22su-dw4m-pfe6

vulnerability	VCID-25vm-cytf-bqb1

vulnerability	VCID-2dwz-2v5y-4qeb

vulnerability	VCID-3zc6-3229-wfcc

vulnerability	VCID-4t6y-22xf-3ueq

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-b7m4-s1rg-wqe7

vulnerability	VCID-dv7w-p358-1qda

vulnerability	VCID-dw95-fpkf-pfew

vulnerability	VCID-e6gy-hka8-9bae

vulnerability	VCID-fjy7-r2wm-n3b4

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-jwwm-5zrf-a3af

vulnerability	VCID-jypn-sttp-tkgm

vulnerability	VCID-jzve-9vvd-mued

vulnerability	VCID-m3rr-ppwn-5kd8

vulnerability	VCID-qz2a-2d4y-y7hq

vulnerability	VCID-s11e-t19f-kfe4

vulnerability	VCID-syem-z8g2-n7h2

vulnerability	VCID-ttbc-7ys4-wfdw

vulnerability	VCID-vtbm-x7bk-tqgv

vulnerability	VCID-w461-q9h5-pfdg

vulnerability	VCID-yjd6-1et5-vqer

vulnerability	VCID-yjsn-xjss-wqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@2.4.9.1%252Bdfsg-1

url pkg:deb/debian/opencv@2.4.9.1%2Bdfsg-1%2Bdeb8u1

purl pkg:deb/debian/opencv@2.4.9.1%2Bdfsg-1%2Bdeb8u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bk1-pc9v-ykgv

vulnerability	VCID-1qhy-7pnz-aqga

vulnerability	VCID-21n5-7ukh-gyfr

vulnerability	VCID-22su-dw4m-pfe6

vulnerability	VCID-25vm-cytf-bqb1

vulnerability	VCID-2dwz-2v5y-4qeb

vulnerability	VCID-3zc6-3229-wfcc

vulnerability	VCID-4t6y-22xf-3ueq

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-b7m4-s1rg-wqe7

vulnerability	VCID-dv7w-p358-1qda

vulnerability	VCID-dw95-fpkf-pfew

vulnerability	VCID-e6gy-hka8-9bae

vulnerability	VCID-fjy7-r2wm-n3b4

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-jwwm-5zrf-a3af

vulnerability	VCID-jypn-sttp-tkgm

vulnerability	VCID-jzve-9vvd-mued

vulnerability	VCID-m3rr-ppwn-5kd8

vulnerability	VCID-qz2a-2d4y-y7hq

vulnerability	VCID-s11e-t19f-kfe4

vulnerability	VCID-syem-z8g2-n7h2

vulnerability	VCID-ttbc-7ys4-wfdw

vulnerability	VCID-vtbm-x7bk-tqgv

vulnerability	VCID-w461-q9h5-pfdg

vulnerability	VCID-yjd6-1et5-vqer

vulnerability	VCID-yjsn-xjss-wqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@2.4.9.1%252Bdfsg-1%252Bdeb8u1

url pkg:deb/debian/opencv@2.4.9.1%2Bdfsg1-2

purl pkg:deb/debian/opencv@2.4.9.1%2Bdfsg1-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1bk1-pc9v-ykgv

vulnerability	VCID-1qhy-7pnz-aqga

vulnerability	VCID-21n5-7ukh-gyfr

vulnerability	VCID-22su-dw4m-pfe6

vulnerability	VCID-25vm-cytf-bqb1

vulnerability	VCID-2dwz-2v5y-4qeb

vulnerability	VCID-3zc6-3229-wfcc

vulnerability	VCID-4t6y-22xf-3ueq

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-b7m4-s1rg-wqe7

vulnerability	VCID-dv7w-p358-1qda

vulnerability	VCID-dw95-fpkf-pfew

vulnerability	VCID-e6gy-hka8-9bae

vulnerability	VCID-fjy7-r2wm-n3b4

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-jwwm-5zrf-a3af

vulnerability	VCID-jypn-sttp-tkgm

vulnerability	VCID-jzve-9vvd-mued

vulnerability	VCID-m3rr-ppwn-5kd8

vulnerability	VCID-qz2a-2d4y-y7hq

vulnerability	VCID-s11e-t19f-kfe4

vulnerability	VCID-syem-z8g2-n7h2

vulnerability	VCID-ttbc-7ys4-wfdw

vulnerability	VCID-vtbm-x7bk-tqgv

vulnerability	VCID-w461-q9h5-pfdg

vulnerability	VCID-yjd6-1et5-vqer

vulnerability	VCID-yjsn-xjss-wqe3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/opencv@2.4.9.1%252Bdfsg1-2

url pkg:pypi/opencv-contrib-python@3.3.1.11

purl pkg:pypi/opencv-contrib-python@3.3.1.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-58aj-jc6y-dqcg

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-yjd6-1et5-vqer

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-contrib-python@3.3.1.11

url pkg:pypi/opencv-python@3.3.1.11

purl pkg:pypi/opencv-python@3.3.1.11

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-73g1-r39e-z7ez

vulnerability	VCID-7r2a-ega4-cbbh

vulnerability	VCID-8uwy-v2wq-n3cy

vulnerability	VCID-j87y-pgt8-xbat

vulnerability	VCID-yjd6-1et5-vqer

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/opencv-python@3.3.1.11

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17760.json

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-17760.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-17760

reference_id

reference_type

scores

value	0.01536
scoring_system	epss
scoring_elements	0.81695
published_at	2026-06-08T12:55:00Z

value	0.01536
scoring_system	epss
scoring_elements	0.81702
published_at	2026-06-07T12:55:00Z

value	0.01536
scoring_system	epss
scoring_elements	0.8167
published_at	2026-06-04T12:55:00Z

value	0.01536
scoring_system	epss
scoring_elements	0.81701
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-17760

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17760
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17760

reference_url

https://github.com/opencv/opencv/issues/10351

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencv/opencv/issues/10351

reference_url

https://github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274c

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencv/opencv/pull/10369/commits/7bbe1a53cfc097b82b1589f7915a2120de39274c

reference_url

https://github.com/opencv/opencv-python

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/opencv/opencv-python

reference_url

https://lists.debian.org/debian-lts-announce/2018/01/msg00008.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2018/01/msg00008.html

reference_url

https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2018/07/msg00030.html

reference_url

https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.debian.org/debian-lts-announce/2021/10/msg00028.html

reference_url

http://www.securityfocus.com/bid/102974

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/102974

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1530747
reference_id	1530747
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1530747

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885843
reference_id	885843
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=885843

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-17760

reference_id

CVE-2017-17760

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2017-17760

reference_url

https://github.com/advisories/GHSA-jcxv-2j3h-mg59

reference_id

GHSA-jcxv-2j3h-mg59

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-jcxv-2j3h-mg59

Weaknesses

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

cwe_id	119
name	Improper Restriction of Operations within the Bounds of a Memory Buffer
description	The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	131
name	Incorrect Calculation of Buffer Size
description	The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7r2a-ega4-cbbh

Vulnerability Instance