{"url":"http://public2.vulnerablecode.io/api/packages/1035862?format=json","purl":"pkg:deb/debian/audiofile@0.2.6-6","type":"deb","namespace":"debian","name":"audiofile","version":"0.2.6-6","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0.3.6-5+deb12u1","latest_non_vulnerable_version":"0.3.6-5+deb12u1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/88266?format=json","vulnerability_id":"VCID-1ska-p8g4-yudv","summary":"audiofile: heap-based overflow in Microsoft ADPCM compression module (app crash, arb. code execution)","references":[{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"},{"reference_url":"http://musicpd.org/mantis/view.php?id=1915","reference_id":"","reference_type":"","scores":[],"url":"http://musicpd.org/mantis/view.php?id=1915"},{"reference_url":"http://openwall.com/lists/oss-security/2008/12/30/1","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2008/12/30/1"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5824.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5824.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5824","reference_id":"","reference_type":"","scores":[{"value":"0.10215","scoring_system":"epss","scoring_elements":"0.93109","published_at":"2026-04-01T12:55:00Z"},{"value":"0.10215","scoring_system":"epss","scoring_elements":"0.93134","published_at":"2026-04-09T12:55:00Z"},{"value":"0.10215","scoring_system":"epss","scoring_elements":"0.93139","published_at":"2026-04-11T12:55:00Z"},{"value":"0.10215","scoring_system":"epss","scoring_elements":"0.93119","published_at":"2026-04-02T12:55:00Z"},{"value":"0.10215","scoring_system":"epss","scoring_elements":"0.93122","published_at":"2026-04-04T12:55:00Z"},{"value":"0.10215","scoring_system":"epss","scoring_elements":"0.93121","published_at":"2026-04-07T12:55:00Z"},{"value":"0.10215","scoring_system":"epss","scoring_elements":"0.9313","published_at":"2026-04-08T12:55:00Z"},{"value":"0.14579","scoring_system":"epss","scoring_elements":"0.94469","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5824"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5824"},{"reference_url":"http://secunia.com/advisories/33273","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/33273"},{"reference_url":"http://www.securityfocus.com/bid/33066","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/33066"},{"reference_url":"http://www.ubuntu.com/usn/USN-912-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-912-1"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0005","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2009/0005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=479966","reference_id":"479966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=479966"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205","reference_id":"510205","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:68k:audiofile:0.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:68k:audiofile:0.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:68k:audiofile:0.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-5824","reference_id":"CVE-2008-5824","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-5824"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32691.txt","reference_id":"CVE-2008-5824;OSVDB-51069","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/32691.txt"},{"reference_url":"https://www.securityfocus.com/bid/33066/info","reference_id":"CVE-2008-5824;OSVDB-51069","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/33066/info"},{"reference_url":"https://usn.ubuntu.com/912-1/","reference_id":"USN-912-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/912-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035865?format=json","purl":"pkg:deb/debian/audiofile@0.2.6-8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.2.6-8"}],"aliases":["CVE-2008-5824"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ska-p8g4-yudv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84556?format=json","vulnerability_id":"VCID-2fxt-mcp5-vkdz","summary":"audiofile: Index out of bounds for type int16_t","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6837.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6837.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6837","reference_id":"","reference_type":"","scores":[{"value":"0.06086","scoring_system":"epss","scoring_elements":"0.90718","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06086","scoring_system":"epss","scoring_elements":"0.90768","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06086","scoring_system":"epss","scoring_elements":"0.90746","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06086","scoring_system":"epss","scoring_elements":"0.90757","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06086","scoring_system":"epss","scoring_elements":"0.90763","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06086","scoring_system":"epss","scoring_elements":"0.90771","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06086","scoring_system":"epss","scoring_elements":"0.90724","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06086","scoring_system":"epss","scoring_elements":"0.90735","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6837"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0"},{"reference_url":"https://github.com/mpruett/audiofile/issues/41","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/41"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/9"},{"reference_url":"http://www.securityfocus.com/bid/97314","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97314"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432942","reference_id":"1432942","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432942"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6837","reference_id":"CVE-2017-6837","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6837"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6837"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2fxt-mcp5-vkdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84547?format=json","vulnerability_id":"VCID-411s-5r62-zubr","summary":"audiofile: Heap-based buffer overflow in readValue","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6828.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6828.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6828","reference_id":"","reference_type":"","scores":[{"value":"0.17241","scoring_system":"epss","scoring_elements":"0.95028","published_at":"2026-04-13T12:55:00Z"},{"value":"0.21753","scoring_system":"epss","scoring_elements":"0.9571","published_at":"2026-04-01T12:55:00Z"},{"value":"0.21753","scoring_system":"epss","scoring_elements":"0.95719","published_at":"2026-04-02T12:55:00Z"},{"value":"0.21753","scoring_system":"epss","scoring_elements":"0.95727","published_at":"2026-04-04T12:55:00Z"},{"value":"0.21753","scoring_system":"epss","scoring_elements":"0.9573","published_at":"2026-04-07T12:55:00Z"},{"value":"0.21753","scoring_system":"epss","scoring_elements":"0.95739","published_at":"2026-04-08T12:55:00Z"},{"value":"0.21753","scoring_system":"epss","scoring_elements":"0.95742","published_at":"2026-04-09T12:55:00Z"},{"value":"0.21753","scoring_system":"epss","scoring_elements":"0.95746","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432925","reference_id":"1432925","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432925"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6828"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-411s-5r62-zubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84550?format=json","vulnerability_id":"VCID-5ckf-qbbb-57f7","summary":"audiofile: Heap-based buffer overflow in IMA::decodeBlockWAVE","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6831.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6831.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6831","reference_id":"","reference_type":"","scores":[{"value":"0.02789","scoring_system":"epss","scoring_elements":"0.86083","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.891","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89149","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.8916","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89156","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89109","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89123","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89126","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89144","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6831"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://github.com/antlarr/audiofile/commit/a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/antlarr/audiofile/commit/a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6"},{"reference_url":"https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2017-6831"},{"reference_url":"https://github.com/mpruett/audiofile/issues/35","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/35"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/3","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/3"},{"reference_url":"http://www.securityfocus.com/bid/97588","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97588"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432930","reference_id":"1432930","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432930"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6831","reference_id":"CVE-2017-6831","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6831"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6831"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ckf-qbbb-57f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84549?format=json","vulnerability_id":"VCID-87tp-awyv-4yad","summary":"audiofile: Heap-based buffer overflow in alaw2linear_buf","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6830.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6830.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6830","reference_id":"","reference_type":"","scores":[{"value":"0.04897","scoring_system":"epss","scoring_elements":"0.89594","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91337","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91378","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91384","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91341","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91351","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91359","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91371","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6830"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-alaw2linear_buf-g711-cpp/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://github.com/mpruett/audiofile/issues/34","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/34"},{"reference_url":"https://github.com/mpruett/audiofile/pull/42","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/pull/42"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432929","reference_id":"1432929","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432929"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6830","reference_id":"CVE-2017-6830","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6830"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6830"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87tp-awyv-4yad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83345?format=json","vulnerability_id":"VCID-8jyp-6tk9-bfd5","summary":"audiofile: NULL pointer dereference in ModuleState::setup() in modules/ModuleState.cpp allows for denial of service via crafted file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13440.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13440.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13440","reference_id":"","reference_type":"","scores":[{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90667","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90714","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90716","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90717","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90671","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90681","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.9069","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06018","scoring_system":"epss","scoring_elements":"0.90701","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13440","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13440"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mpruett/audiofile/issues/49","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/49"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1600367","reference_id":"1600367","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1600367"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903499","reference_id":"903499","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903499"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13440","reference_id":"CVE-2018-13440","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-13440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3877","reference_id":"RHSA-2020:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3877"},{"reference_url":"https://usn.ubuntu.com/3800-1/","reference_id":"USN-3800-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3800-1/"},{"reference_url":"https://usn.ubuntu.com/6558-1/","reference_id":"USN-6558-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6558-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049751?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-5"}],"aliases":["CVE-2018-13440"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8jyp-6tk9-bfd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84554?format=json","vulnerability_id":"VCID-913x-rwya-xbgt","summary":"audiofile: Heap-based buffer overflow in Expand3To4Module::run","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6836.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6836","reference_id":"","reference_type":"","scores":[{"value":"0.04984","scoring_system":"epss","scoring_elements":"0.89652","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04984","scoring_system":"epss","scoring_elements":"0.89694","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04984","scoring_system":"epss","scoring_elements":"0.89695","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04984","scoring_system":"epss","scoring_elements":"0.89702","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04984","scoring_system":"epss","scoring_elements":"0.89701","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04984","scoring_system":"epss","scoring_elements":"0.89655","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04984","scoring_system":"epss","scoring_elements":"0.8967","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04984","scoring_system":"epss","scoring_elements":"0.89672","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04984","scoring_system":"epss","scoring_elements":"0.89689","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6836"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-expand3to4modulerun-simplemodule-h/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://github.com/mpruett/audiofile/issues/40","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/40"},{"reference_url":"https://github.com/mpruett/audiofile/pull/42","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/pull/42"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/8"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432937","reference_id":"1432937","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432937"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6836","reference_id":"CVE-2017-6836","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6836"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6836"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-913x-rwya-xbgt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84557?format=json","vulnerability_id":"VCID-aeat-dx5y-dfgr","summary":"audiofile: Signed integer overflow in sfconvert.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6838.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6838.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6838","reference_id":"","reference_type":"","scores":[{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90439","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.9048","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90461","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90473","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90479","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90486","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90443","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90455","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6838"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/antlarr/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/antlarr/audiofile/commit/7d65f89defb092b63bcbc5d98349fb222ca73b3c"},{"reference_url":"https://github.com/mpruett/audiofile/issues/41","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/41"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/9"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432943","reference_id":"1432943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432943"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6838","reference_id":"CVE-2017-6838","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6838"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6838"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aeat-dx5y-dfgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83141?format=json","vulnerability_id":"VCID-e4m1-b558-gkhv","summary":"audiofile: Heap-based buffer overflow in Expand3To4Module::run() when running sfconvert","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17095.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17095.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17095","reference_id":"","reference_type":"","scores":[{"value":"0.11985","scoring_system":"epss","scoring_elements":"0.93739","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11985","scoring_system":"epss","scoring_elements":"0.9375","published_at":"2026-04-04T12:55:00Z"},{"value":"0.11985","scoring_system":"epss","scoring_elements":"0.93752","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11985","scoring_system":"epss","scoring_elements":"0.93762","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11985","scoring_system":"epss","scoring_elements":"0.93764","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11985","scoring_system":"epss","scoring_elements":"0.93769","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12531","scoring_system":"epss","scoring_elements":"0.93901","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17095"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17095","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17095"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631088","reference_id":"1631088","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1631088"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913166","reference_id":"913166","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913166"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:3877","reference_id":"RHSA-2020:3877","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:3877"},{"reference_url":"https://usn.ubuntu.com/3800-1/","reference_id":"USN-3800-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3800-1/"},{"reference_url":"https://usn.ubuntu.com/6558-1/","reference_id":"USN-6558-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6558-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049751?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-5"}],"aliases":["CVE-2018-17095"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e4m1-b558-gkhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79630?format=json","vulnerability_id":"VCID-fwy3-sk29-mfhw","summary":"audiofile: memory leak in printinfo.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24599.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24599","reference_id":"","reference_type":"","scores":[{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44589","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4461","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44547","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44598","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44603","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44564","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44534","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44536","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24599"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008017","reference_id":"1008017","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008017"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2058371","reference_id":"2058371","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2058371"},{"reference_url":"https://usn.ubuntu.com/6558-1/","reference_id":"USN-6558-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6558-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049752?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-5%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-5%252Bdeb12u1"}],"aliases":["CVE-2022-24599"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwy3-sk29-mfhw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84552?format=json","vulnerability_id":"VCID-gg9m-4dyw-3ub1","summary":"audiofile: Divide-by-zero in BlockCodec::runPull","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6833.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6833.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6833","reference_id":"","reference_type":"","scores":[{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90439","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.9048","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90473","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90479","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90486","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90443","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90455","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.90461","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6833"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecrunpull-blockcodec-cpp/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://github.com/mpruett/audiofile/issues/37","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/37"},{"reference_url":"https://github.com/mpruett/audiofile/pull/42","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/pull/42"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/5"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432933","reference_id":"1432933","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432933"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6833","reference_id":"CVE-2017-6833","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6833"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6833"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gg9m-4dyw-3ub1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82440?format=json","vulnerability_id":"VCID-hpre-4v15-xkb6","summary":"audiofile: a NULL pointer dereference in ulaw2linear_buf in G711.cpp in libmodules.a leading to DoS","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13147.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13147.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13147","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34125","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33887","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34224","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34257","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.3412","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34163","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34191","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34192","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34149","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13147"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13147","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13147"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1726067","reference_id":"1726067","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1726067"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931343","reference_id":"931343","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931343"},{"reference_url":"https://usn.ubuntu.com/6558-1/","reference_id":"USN-6558-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6558-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049752?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-5%2Bdeb12u1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-5%252Bdeb12u1"}],"aliases":["CVE-2019-13147"],"risk_score":0.8,"exploitability":"0.5","weighted_severity":"1.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hpre-4v15-xkb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84555?format=json","vulnerability_id":"VCID-j162-684h-wqak","summary":"audiofile: Divide-by-zero in BlockCodec::reset1","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6835.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6835","reference_id":"","reference_type":"","scores":[{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89011","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89065","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89059","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89067","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89035","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89037","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89054","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6835"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-divide-by-zero-in-blockcodecreset1-blockcodec-cpp/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://github.com/mpruett/audiofile/issues/39","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/39"},{"reference_url":"https://github.com/mpruett/audiofile/pull/42","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/pull/42"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/7"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432939","reference_id":"1432939","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432939"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6835","reference_id":"CVE-2017-6835","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6835"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6835"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j162-684h-wqak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84546?format=json","vulnerability_id":"VCID-nmab-8ky6-nyb4","summary":"audiofile: Heap-based buffer overflow in MSADPCM::initializeCoefficients","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6827.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6827.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6827","reference_id":"","reference_type":"","scores":[{"value":"0.33778","scoring_system":"epss","scoring_elements":"0.9692","published_at":"2026-04-01T12:55:00Z"},{"value":"0.33778","scoring_system":"epss","scoring_elements":"0.96928","published_at":"2026-04-02T12:55:00Z"},{"value":"0.33778","scoring_system":"epss","scoring_elements":"0.96932","published_at":"2026-04-04T12:55:00Z"},{"value":"0.33778","scoring_system":"epss","scoring_elements":"0.96936","published_at":"2026-04-07T12:55:00Z"},{"value":"0.33778","scoring_system":"epss","scoring_elements":"0.96944","published_at":"2026-04-08T12:55:00Z"},{"value":"0.33778","scoring_system":"epss","scoring_elements":"0.96946","published_at":"2026-04-09T12:55:00Z"},{"value":"0.33778","scoring_system":"epss","scoring_elements":"0.96949","published_at":"2026-04-11T12:55:00Z"},{"value":"0.33778","scoring_system":"epss","scoring_elements":"0.9695","published_at":"2026-04-12T12:55:00Z"},{"value":"0.33778","scoring_system":"epss","scoring_elements":"0.96951","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432924","reference_id":"1432924","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432924"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6827"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nmab-8ky6-nyb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84558?format=json","vulnerability_id":"VCID-qw16-rfw7-2qdk","summary":"audiofile: Signed integer overflow in MSADPCM.cpp","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6839.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6839.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6839","reference_id":"","reference_type":"","scores":[{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89011","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89035","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89037","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89054","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89059","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89071","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89067","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04451","scoring_system":"epss","scoring_elements":"0.89019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05773","scoring_system":"epss","scoring_elements":"0.9048","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6839"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/antlarr/audiofile/commit/beacc44eb8cdf6d58717ec1a5103c5141f1b37f9","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/antlarr/audiofile/commit/beacc44eb8cdf6d58717ec1a5103c5141f1b37f9"},{"reference_url":"https://github.com/mpruett/audiofile/issues/41","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/41"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/9","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/9"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432944","reference_id":"1432944","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432944"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6839","reference_id":"CVE-2017-6839","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6839"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6839"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qw16-rfw7-2qdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84553?format=json","vulnerability_id":"VCID-sekd-w6gm-67dv","summary":"audiofile: Heap-based buffer overflow in ulaw2linear_buf","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6834.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6834","reference_id":"","reference_type":"","scores":[{"value":"0.04313","scoring_system":"epss","scoring_elements":"0.88897","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91337","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91378","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91384","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91387","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91341","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91351","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06895","scoring_system":"epss","scoring_elements":"0.91359","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6834"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-ulaw2linear_buf-g711-cpp/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/mpruett/audiofile/issues/38","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/38"},{"reference_url":"https://github.com/mpruett/audiofile/pull/42","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/pull/42"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/6"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432935","reference_id":"1432935","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432935"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6834","reference_id":"CVE-2017-6834","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6834"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6834"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sekd-w6gm-67dv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84548?format=json","vulnerability_id":"VCID-sfj3-8vbt-bkfp","summary":"audiofile: Global buffer overflow in decodeSample","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6829.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6829.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6829","reference_id":"","reference_type":"","scores":[{"value":"0.04576","scoring_system":"epss","scoring_elements":"0.89166","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04576","scoring_system":"epss","scoring_elements":"0.89216","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04576","scoring_system":"epss","scoring_elements":"0.89212","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04576","scoring_system":"epss","scoring_elements":"0.89222","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04576","scoring_system":"epss","scoring_elements":"0.89218","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04576","scoring_system":"epss","scoring_elements":"0.89173","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04576","scoring_system":"epss","scoring_elements":"0.89187","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04576","scoring_system":"epss","scoring_elements":"0.89189","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04576","scoring_system":"epss","scoring_elements":"0.89208","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6829"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://github.com/antlarr/audiofile/commit/25eb00ce913452c2e614548d7df93070bf0d066f","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/antlarr/audiofile/commit/25eb00ce913452c2e614548d7df93070bf0d066f"},{"reference_url":"https://github.com/mpruett/audiofile/issues/33","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/33"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/1"},{"reference_url":"http://www.securityfocus.com/bid/97189","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97189"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432928","reference_id":"1432928","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432928"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6829","reference_id":"CVE-2017-6829","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6829"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6829"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sfj3-8vbt-bkfp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84551?format=json","vulnerability_id":"VCID-ur9b-fgja-r7he","summary":"audiofile: Heap-based buffer overflow in MSADPCM::decodeBlock","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6832.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6832.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6832","reference_id":"","reference_type":"","scores":[{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.891","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89153","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89149","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.8916","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89156","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89109","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89123","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89126","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04517","scoring_system":"epss","scoring_elements":"0.89144","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6832"},{"reference_url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp/","reference_id":"","reference_type":"","scores":[],"url":"https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-msadpcmdecodeblock-msadpcm-cpp/"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6828"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6829"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6838"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6839"},{"reference_url":"https://github.com/mpruett/audiofile/issues/36","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/issues/36"},{"reference_url":"https://github.com/mpruett/audiofile/pull/42","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mpruett/audiofile/pull/42"},{"reference_url":"http://www.debian.org/security/2017/dsa-3814","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3814"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/13/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/13/4"},{"reference_url":"http://www.securityfocus.com/bid/97589","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97589"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432932","reference_id":"1432932","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1432932"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651","reference_id":"857651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857651"},{"reference_url":"https://security.archlinux.org/ASA-201708-9","reference_id":"ASA-201708-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201708-9"},{"reference_url":"https://security.archlinux.org/AVG-205","reference_id":"AVG-205","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-205"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:audiofile:audiofile:0.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6832","reference_id":"CVE-2017-6832","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6832"},{"reference_url":"https://usn.ubuntu.com/3241-1/","reference_id":"USN-3241-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3241-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1035868?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-2%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2fxt-mcp5-vkdz"},{"vulnerability":"VCID-411s-5r62-zubr"},{"vulnerability":"VCID-5ckf-qbbb-57f7"},{"vulnerability":"VCID-87tp-awyv-4yad"},{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-913x-rwya-xbgt"},{"vulnerability":"VCID-aeat-dx5y-dfgr"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-gg9m-4dyw-3ub1"},{"vulnerability":"VCID-hpre-4v15-xkb6"},{"vulnerability":"VCID-j162-684h-wqak"},{"vulnerability":"VCID-nmab-8ky6-nyb4"},{"vulnerability":"VCID-qw16-rfw7-2qdk"},{"vulnerability":"VCID-sekd-w6gm-67dv"},{"vulnerability":"VCID-sfj3-8vbt-bkfp"},{"vulnerability":"VCID-ur9b-fgja-r7he"},{"vulnerability":"VCID-vcr2-823b-93d6"},{"vulnerability":"VCID-xfc4-v9yn-wkdf"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-2%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2017-6832"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ur9b-fgja-r7he"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78127?format=json","vulnerability_id":"VCID-vcr2-823b-93d6","summary":"audiofile: a Denial of Service via crafted file","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18781.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18781.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18781","reference_id":"","reference_type":"","scores":[{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08134","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08194","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08268","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08249","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08246","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08258","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08278","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18781"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18781","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18781"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235372","reference_id":"2235372","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235372"},{"reference_url":"https://github.com/mpruett/audiofile/issues/56","reference_id":"56","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:33:41Z/"}],"url":"https://github.com/mpruett/audiofile/issues/56"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2020-18781"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vcr2-823b-93d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85508?format=json","vulnerability_id":"VCID-xfc4-v9yn-wkdf","summary":"audiofile: Buffer overflow when changing number of channels and sample format","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7747.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7747.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7747","reference_id":"","reference_type":"","scores":[{"value":"0.53986","scoring_system":"epss","scoring_elements":"0.9799","published_at":"2026-04-01T12:55:00Z"},{"value":"0.53986","scoring_system":"epss","scoring_elements":"0.97995","published_at":"2026-04-02T12:55:00Z"},{"value":"0.53986","scoring_system":"epss","scoring_elements":"0.97997","published_at":"2026-04-04T12:55:00Z"},{"value":"0.53986","scoring_system":"epss","scoring_elements":"0.97999","published_at":"2026-04-07T12:55:00Z"},{"value":"0.53986","scoring_system":"epss","scoring_elements":"0.98004","published_at":"2026-04-08T12:55:00Z"},{"value":"0.53986","scoring_system":"epss","scoring_elements":"0.98006","published_at":"2026-04-09T12:55:00Z"},{"value":"0.53986","scoring_system":"epss","scoring_elements":"0.9801","published_at":"2026-04-11T12:55:00Z"},{"value":"0.53986","scoring_system":"epss","scoring_elements":"0.98011","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7747"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7747","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7747"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1269766","reference_id":"1269766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1269766"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801102","reference_id":"801102","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=801102"},{"reference_url":"https://usn.ubuntu.com/2787-1/","reference_id":"USN-2787-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2787-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1049530?format=json","purl":"pkg:deb/debian/audiofile@0.3.6-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8jyp-6tk9-bfd5"},{"vulnerability":"VCID-e4m1-b558-gkhv"},{"vulnerability":"VCID-fwy3-sk29-mfhw"},{"vulnerability":"VCID-hpre-4v15-xkb6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.3.6-4%252Bdeb9u1"}],"aliases":["CVE-2015-7747"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xfc4-v9yn-wkdf"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/audiofile@0.2.6-6"}