Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035502?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035502?format=api", "purl": "pkg:deb/debian/libytnef@1.5-4", "type": "deb", "namespace": "debian", "name": "libytnef", "version": "1.5-4", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.9.3-3", "latest_non_vulnerable_version": "1.9.3-3", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93077?format=api", "vulnerability_id": "VCID-21bd-whcr-ekgv", "summary": "In ytnef 1.9.2, a heap-based buffer overflow vulnerability was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12141", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38665", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38794", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38815", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38743", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38793", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38804", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38816", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.3878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38752", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38798", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38776", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38696", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38541", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38516", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38428", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38308", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.3838", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.3839", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12141" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12141", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12141" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870815", "reference_id": "870815", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870815" }, { "reference_url": "https://usn.ubuntu.com/3667-1/", "reference_id": "USN-3667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3667-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049950?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1" } ], "aliases": [ "CVE-2017-12141" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-21bd-whcr-ekgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93396?format=api", "vulnerability_id": "VCID-2zd4-eyeq-27dd", "summary": "In ytnef 1.9.2, the SwapWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9471", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45393", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45467", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45489", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45433", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45488", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45509", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45479", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.4548", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45531", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45528", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45478", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45403", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45343", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45238", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.45302", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00227", "scoring_system": "epss", "scoring_elements": "0.4532", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9471" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9471", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9471" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870194", "reference_id": "870194", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870194" }, { "reference_url": "https://usn.ubuntu.com/3667-1/", "reference_id": "USN-3667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3667-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049950?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1" } ], "aliases": [ "CVE-2017-9471" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zd4-eyeq-27dd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57207?format=api", "vulnerability_id": "VCID-4vcd-yfbf-2bew", "summary": "Multiple vulnerabilities have been discovered in ytnef, the worst of which could potentially lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.84055", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83861", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83875", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83891", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83893", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83917", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83923", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83939", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83933", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.8393", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83954", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83955", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83956", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83982", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.8399", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.83995", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.84016", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02066", "scoring_system": "epss", "scoring_elements": "0.84038", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3404" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982596", "reference_id": "982596", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982596" }, { "reference_url": "https://security.archlinux.org/AVG-1552", "reference_id": "AVG-1552", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1552" }, { "reference_url": "https://security.gentoo.org/glsa/202405-24", "reference_id": "GLSA-202405-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-24" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1054416?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-3" } ], "aliases": [ "CVE-2021-3404" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4vcd-yfbf-2bew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57206?format=api", "vulnerability_id": "VCID-4w5v-t22x-5khp", "summary": "Multiple vulnerabilities have been discovered in ytnef, the worst of which could potentially lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3403", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75649", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75448", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.7545", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75481", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75462", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75504", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75513", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75533", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75512", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75502", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75544", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.7555", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75537", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75575", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.7558", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75584", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75595", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00889", "scoring_system": "epss", "scoring_elements": "0.75624", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3403" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982594", "reference_id": "982594", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982594" }, { "reference_url": "https://security.archlinux.org/AVG-1552", "reference_id": "AVG-1552", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1552" }, { "reference_url": "https://security.gentoo.org/glsa/202405-24", "reference_id": "GLSA-202405-24", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-24" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1054416?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-3" } ], "aliases": [ "CVE-2021-3403" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4w5v-t22x-5khp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85648?format=api", "vulnerability_id": "VCID-6bb4-nr6n-wufy", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.5809", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58175", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58196", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58169", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58223", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58228", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58244", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58221", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58201", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58232", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58235", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.5821", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58189", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58137", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.5818", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58241", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6304" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6bb4-nr6n-wufy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93369?format=api", "vulnerability_id": "VCID-8esx-t2u5-e3hq", "summary": "The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69629", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69641", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69657", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69635", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69685", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69702", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69725", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.6971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69697", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69737", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69746", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69727", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69778", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69786", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69792", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69765", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69809", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69839", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9146" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862707", "reference_id": "862707", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862707" }, { "reference_url": "https://usn.ubuntu.com/3667-1/", "reference_id": "USN-3667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3667-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049950?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1" } ], "aliases": [ "CVE-2017-9146" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8esx-t2u5-e3hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85651?format=api", "vulnerability_id": "VCID-c3hk-hm71-eqdf", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.6748", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67516", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67537", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67567", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67581", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67604", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.6759", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67557", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67592", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67605", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67583", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67602", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67613", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67615", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67634", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00538", "scoring_system": "epss", "scoring_elements": "0.67671", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6800" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c3hk-hm71-eqdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85643?format=api", "vulnerability_id": "VCID-cx2k-skx9-j3c6", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57526", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57611", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57632", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57661", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57665", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57679", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57659", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57638", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57668", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57664", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57642", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57601", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.5762", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57599", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57555", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00352", "scoring_system": "epss", "scoring_elements": "0.57663", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6299" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cx2k-skx9-j3c6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85646?format=api", "vulnerability_id": "VCID-d529-bgrd-6ya7", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55079", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.5518", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55204", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55229", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.5524", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55221", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55203", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55241", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55244", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.5516", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55181", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55152", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55101", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55143", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.552", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6302" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d529-bgrd-6ya7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93351?format=api", "vulnerability_id": "VCID-d7md-3ueu-puhr", "summary": "In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.6005", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59854", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.5993", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59956", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59976", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59989", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.6001", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59995", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59977", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60016", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60024", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60009", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.5998", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59998", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59985", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59946", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.59993", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9058" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862556", "reference_id": "862556", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=862556" }, { "reference_url": "https://security.archlinux.org/ASA-201708-10", "reference_id": "ASA-201708-10", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201708-10" }, { "reference_url": "https://security.archlinux.org/AVG-275", "reference_id": "AVG-275", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-275" }, { "reference_url": "https://usn.ubuntu.com/3667-1/", "reference_id": "USN-3667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3667-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-9058" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7md-3ueu-puhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85642?format=api", "vulnerability_id": "VCID-dnnp-fjbz-u7b6", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54288", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54308", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54338", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54365", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.5436", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54409", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54391", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54369", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54408", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54412", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54394", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54357", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54371", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54348", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54298", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54342", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00312", "scoring_system": "epss", "scoring_elements": "0.54398", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6298" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnnp-fjbz-u7b6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93399?format=api", "vulnerability_id": "VCID-efxj-4v6j-fbaa", "summary": "In ytnef 1.9.2, the DecompressRTF function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41465", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41555", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41583", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41509", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41559", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41568", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41557", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41543", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41588", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41563", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41487", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4138", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41375", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41297", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41163", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41236", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41253", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9474" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870192", "reference_id": "870192", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870192" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049950?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1" } ], "aliases": [ "CVE-2017-9474" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-efxj-4v6j-fbaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85649?format=api", "vulnerability_id": "VCID-j1fz-gkzw-qbc9", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55867", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55978", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55999", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56029", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56032", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56043", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56022", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56005", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56041", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56044", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56017", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55943", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55963", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55938", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55886", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55933", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55993", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6305" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j1fz-gkzw-qbc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85645?format=api", "vulnerability_id": "VCID-jhtz-myes-dua9", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.5809", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58175", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58196", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58169", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58223", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58228", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58244", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58221", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58201", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58232", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58235", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.5821", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58189", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58137", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.5818", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0036", "scoring_system": "epss", "scoring_elements": "0.58241", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6301" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jhtz-myes-dua9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85650?format=api", "vulnerability_id": "VCID-mhyf-fp38-u3de", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.6451", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64563", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.6455", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64598", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64615", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64632", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.6462", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64591", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64627", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64638", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64624", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64644", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64656", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64653", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64631", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64679", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00471", "scoring_system": "epss", "scoring_elements": "0.64723", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6306" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhyf-fp38-u3de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93078?format=api", "vulnerability_id": "VCID-nrgn-8ky2-pyec", "summary": "In ytnef 1.9.2, an invalid memory read vulnerability was found in the function SwapDWord in ytnef.c, which allows attackers to cause a denial of service via a crafted file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36308", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36483", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36517", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36355", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36405", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36425", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36432", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36397", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36375", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36416", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36399", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36344", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36121", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.3609", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36004", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.35885", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.35954", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.35974", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12142" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870816", "reference_id": "870816", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870816" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049950?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1" } ], "aliases": [ "CVE-2017-12142" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrgn-8ky2-pyec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85653?format=api", "vulnerability_id": "VCID-qjgm-8c1m-qbfg", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73947", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73954", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.7398", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73951", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73985", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73998", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.7402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74002", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73994", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74034", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74043", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74035", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74067", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74075", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74094", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.74115", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6802" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6802" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjgm-8c1m-qbfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93397?format=api", "vulnerability_id": "VCID-qkuz-r9a9-vqbx", "summary": "In ytnef 1.9.2, the SwapDWord function in lib/ytnef.c allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41465", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41555", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41583", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41509", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41559", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41568", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41557", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41543", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41588", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41563", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41487", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4138", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41375", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41297", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41163", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41236", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41253", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9472" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870193", "reference_id": "870193", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870193" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049950?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1" } ], "aliases": [ "CVE-2017-9472" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qkuz-r9a9-vqbx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93398?format=api", "vulnerability_id": "VCID-sag4-mswc-hbg5", "summary": "In ytnef 1.9.2, the TNEFFillMapi function in lib/ytnef.c allows remote attackers to cause a denial of service (memory consumption) via a crafted file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49523", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49553", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49581", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49533", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49589", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49583", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.496", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49571", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49572", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49619", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49617", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49587", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49578", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49588", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49547", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49464", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9473" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870197", "reference_id": "870197", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870197" }, { "reference_url": "https://usn.ubuntu.com/3667-1/", "reference_id": "USN-3667-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3667-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049950?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1" } ], "aliases": [ "CVE-2017-9473" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sag4-mswc-hbg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93080?format=api", "vulnerability_id": "VCID-uar8-sxnf-efhs", "summary": "In ytnef 1.9.2, an allocation failure was found in the function TNEFFillMapi in ytnef.c, which allows attackers to cause a denial of service via a crafted file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12144", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55777", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.5589", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55911", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55941", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55943", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55952", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55932", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55914", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.5595", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55954", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55929", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55855", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55874", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55849", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.5579", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55837", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55896", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-12144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12144" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870817", "reference_id": "870817", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870817" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049950?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1" } ], "aliases": [ "CVE-2017-12144" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uar8-sxnf-efhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93395?format=api", "vulnerability_id": "VCID-ujwn-5uux-gygu", "summary": "In ytnef 1.9.2, the MAPIPrint function in lib/ytnef.c allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9470", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45292", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45372", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45392", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45336", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45391", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45413", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45383", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45435", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.4543", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.4538", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45293", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.453", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.4524", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45138", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45202", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45218", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9470" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870196", "reference_id": "870196", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870196" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049950?format=api", "purl": "pkg:deb/debian/libytnef@1.9.3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.3-1" } ], "aliases": [ "CVE-2017-9470" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ujwn-5uux-gygu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85652?format=api", "vulnerability_id": "VCID-vbsd-6wyd-qfgp", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66126", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66167", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66195", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66164", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66212", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66225", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66245", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66232", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66201", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66237", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66251", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66236", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.6626", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66273", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66272", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66249", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66293", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66335", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6801" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vbsd-6wyd-qfgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85644?format=api", "vulnerability_id": "VCID-vsdy-7eh2-8yc9", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57221", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57303", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57302", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57353", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57356", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57351", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.5733", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57357", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57352", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57287", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57309", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57291", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57241", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57285", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00347", "scoring_system": "epss", "scoring_elements": "0.57348", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6300" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vsdy-7eh2-8yc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85647?format=api", "vulnerability_id": "VCID-z8rr-5xpx-eqbb", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55867", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55978", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55999", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56029", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56032", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56043", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56022", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56005", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56041", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56044", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56017", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55943", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55963", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55938", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55886", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55933", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55993", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6299" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6302" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6303" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6801" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6802" }, { "reference_url": "https://usn.ubuntu.com/3288-1/", "reference_id": "USN-3288-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3288-1/" }, { "reference_url": "https://usn.ubuntu.com/4615-1/", "reference_id": "USN-4615-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4615-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035504?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6%2Bdeb8u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6%252Bdeb8u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049949?format=api", "purl": "pkg:deb/debian/libytnef@1.9.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.9.2-2" } ], "aliases": [ "CVE-2017-6303" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z8rr-5xpx-eqbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/92115?format=api", "vulnerability_id": "VCID-zaqk-yw24-t7h1", "summary": "Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5109", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79193", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.792", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79223", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79209", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79234", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79242", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79266", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79251", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79239", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79262", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79263", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79298", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79304", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79322", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79335", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79355", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0124", "scoring_system": "epss", "scoring_elements": "0.79373", "published_at": "2026-05-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5109" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5109", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5109" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705468", "reference_id": "705468", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=705468" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771360", "reference_id": "771360", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771360" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035503?format=api", "purl": "pkg:deb/debian/libytnef@1.5-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21bd-whcr-ekgv" }, { "vulnerability": "VCID-2zd4-eyeq-27dd" }, { "vulnerability": "VCID-4vcd-yfbf-2bew" }, { "vulnerability": "VCID-4w5v-t22x-5khp" }, { "vulnerability": "VCID-6bb4-nr6n-wufy" }, { "vulnerability": "VCID-8esx-t2u5-e3hq" }, { "vulnerability": "VCID-c3hk-hm71-eqdf" }, { "vulnerability": "VCID-cx2k-skx9-j3c6" }, { "vulnerability": "VCID-d529-bgrd-6ya7" }, { "vulnerability": "VCID-d7md-3ueu-puhr" }, { "vulnerability": "VCID-dnnp-fjbz-u7b6" }, { "vulnerability": "VCID-efxj-4v6j-fbaa" }, { "vulnerability": "VCID-j1fz-gkzw-qbc9" }, { "vulnerability": "VCID-jhtz-myes-dua9" }, { "vulnerability": "VCID-mhyf-fp38-u3de" }, { "vulnerability": "VCID-nrgn-8ky2-pyec" }, { "vulnerability": "VCID-qjgm-8c1m-qbfg" }, { "vulnerability": "VCID-qkuz-r9a9-vqbx" }, { "vulnerability": "VCID-sag4-mswc-hbg5" }, { "vulnerability": "VCID-uar8-sxnf-efhs" }, { "vulnerability": "VCID-ujwn-5uux-gygu" }, { "vulnerability": "VCID-vbsd-6wyd-qfgp" }, { "vulnerability": "VCID-vsdy-7eh2-8yc9" }, { "vulnerability": "VCID-z8rr-5xpx-eqbb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-6" } ], "aliases": [ "CVE-2010-5109" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zaqk-yw24-t7h1" } ], "fixing_vulnerabilities": [], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libytnef@1.5-4" }