Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-e6s1-4q8v-yfdp
Vulnerability ID VCID-e6s1-4q8v-yfdp
Aliases CVE-2017-1000100
Summary
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-125 Out-of-bounds Read
CWE-126 Buffer Over-read
System Score Found at
cvssv3.1 6.5 https://access.redhat.com/errata/RHSA-2018:3558
ssvc Track https://access.redhat.com/errata/RHSA-2018:3558
cvssv3 4.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json
epss 0.00618 https://api.first.org/data/v1/epss?cve=CVE-2017-1000100
cvssv3.1 6.5 https://curl.haxx.se/docs/adv_20170809B.html
ssvc Track https://curl.haxx.se/docs/adv_20170809B.html
cvssv3.1 High https://curl.se/docs/CVE-2017-1000100.html
cvssv2 1.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 3.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux Medium https://security.archlinux.org/AVG-370
archlinux Medium https://security.archlinux.org/AVG-371
archlinux Medium https://security.archlinux.org/AVG-386
archlinux Medium https://security.archlinux.org/AVG-387
archlinux Medium https://security.archlinux.org/AVG-388
archlinux Medium https://security.archlinux.org/AVG-389
cvssv3.1 6.5 https://security.gentoo.org/glsa/201709-14
ssvc Track https://security.gentoo.org/glsa/201709-14
cvssv3.1 6.5 https://support.apple.com/HT208221
ssvc Track https://support.apple.com/HT208221
cvssv3.1 6.5 http://www.debian.org/security/2017/dsa-3992
ssvc Track http://www.debian.org/security/2017/dsa-3992
cvssv3.1 6.5 http://www.securityfocus.com/bid/100286
ssvc Track http://www.securityfocus.com/bid/100286
cvssv3.1 6.5 http://www.securitytracker.com/id/1039118
ssvc Track http://www.securitytracker.com/id/1039118
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json
https://api.first.org/data/v1/epss?cve=CVE-2017-1000100
https://curl.se/docs/CVE-2017-1000100.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000100
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000101
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000254
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
100286 http://www.securityfocus.com/bid/100286
1039118 http://www.securitytracker.com/id/1039118
1478310 https://bugzilla.redhat.com/show_bug.cgi?id=1478310
871555 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871555
adv_20170809B.html https://curl.haxx.se/docs/adv_20170809B.html
ASA-201708-16 https://security.archlinux.org/ASA-201708-16
ASA-201710-3 https://security.archlinux.org/ASA-201710-3
ASA-201710-4 https://security.archlinux.org/ASA-201710-4
ASA-201710-5 https://security.archlinux.org/ASA-201710-5
ASA-201710-6 https://security.archlinux.org/ASA-201710-6
ASA-201710-7 https://security.archlinux.org/ASA-201710-7
AVG-370 https://security.archlinux.org/AVG-370
AVG-371 https://security.archlinux.org/AVG-371
AVG-386 https://security.archlinux.org/AVG-386
AVG-387 https://security.archlinux.org/AVG-387
AVG-388 https://security.archlinux.org/AVG-388
AVG-389 https://security.archlinux.org/AVG-389
dsa-3992 http://www.debian.org/security/2017/dsa-3992
GLSA-201709-14 https://security.gentoo.org/glsa/201709-14
HT208221 https://support.apple.com/HT208221
USN-3441-1 https://usn.ubuntu.com/3441-1/
USN-3441-2 https://usn.ubuntu.com/3441-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2018:3558
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/ Found at https://access.redhat.com/errata/RHSA-2018:3558
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000100.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://curl.haxx.se/docs/adv_20170809B.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/ Found at https://curl.haxx.se/docs/adv_20170809B.html
Vector: AV:L/AC:M/Au:S/C:P/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://security.gentoo.org/glsa/201709-14
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/ Found at https://security.gentoo.org/glsa/201709-14
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at https://support.apple.com/HT208221
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/ Found at https://support.apple.com/HT208221
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://www.debian.org/security/2017/dsa-3992
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/ Found at http://www.debian.org/security/2017/dsa-3992
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://www.securityfocus.com/bid/100286
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/ Found at http://www.securityfocus.com/bid/100286
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Found at http://www.securitytracker.com/id/1039118
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:34:47Z/ Found at http://www.securitytracker.com/id/1039118
Exploit Prediction Scoring System (EPSS)
Percentile 0.70284
EPSS Score 0.00618
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T09:34:04.173554+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.10/main.json 38.6.0