{"url":"http://public2.vulnerablecode.io/api/packages/1082313?format=json","purl":"pkg:deb/debian/tcpreplay@3.4.4-3","type":"deb","namespace":"debian","name":"tcpreplay","version":"3.4.4-3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"4.5.2-1","latest_non_vulnerable_version":"4.5.2-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206014?format=json","vulnerability_id":"VCID-33hk-mx6e-97h1","summary":"get_l2len in common/get.c in Tcpreplay 4.3.0 beta1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13112","reference_id":"","reference_type":"","scores":[{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73634","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73709","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73725","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00752","scoring_system":"epss","scoring_elements":"0.73724","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-13112"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13112","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13112"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902952","reference_id":"902952","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=902952"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082669?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-13112"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-33hk-mx6e-97h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207875?format=json","vulnerability_id":"VCID-36nr-gyrj-sycx","summary":"Heap-buffer overflow in the randomize_iparp function in edit_packet.c. of Tcpreplay v4.3.2 allows attackers to cause a denial of service (DOS) via a crafted pcap.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-23273","reference_id":"","reference_type":"","scores":[{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.3683","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37008","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37036","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00161","scoring_system":"epss","scoring_elements":"0.37022","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-23273"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23273","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23273"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1074955?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m8z-4dn1-sfet"},{"vulnerability":"VCID-3prs-35ug-3qce"},{"vulnerability":"VCID-3u7q-67y1-7bgp"},{"vulnerability":"VCID-4m4q-3xsu-xud1"},{"vulnerability":"VCID-52k1-4ndc-fbgp"},{"vulnerability":"VCID-5z5g-4v62-y3fx"},{"vulnerability":"VCID-6bwu-9723-8ygp"},{"vulnerability":"VCID-7ae7-wj3j-dydh"},{"vulnerability":"VCID-a6hb-mp8r-uuer"},{"vulnerability":"VCID-aztp-5s24-uycg"},{"vulnerability":"VCID-d42u-3tft-pyff"},{"vulnerability":"VCID-dr86-4q78-37eh"},{"vulnerability":"VCID-ee1p-83jf-wyh2"},{"vulnerability":"VCID-g1r3-vf55-kfap"},{"vulnerability":"VCID-gad4-59v4-6fek"},{"vulnerability":"VCID-ghcd-trac-judm"},{"vulnerability":"VCID-hsj9-83tw-2ya6"},{"vulnerability":"VCID-j779-rkdh-z7fh"},{"vulnerability":"VCID-jbgq-8yf6-u7gx"},{"vulnerability":"VCID-k9n3-9fn4-nkes"},{"vulnerability":"VCID-nek9-jmvd-53f8"},{"vulnerability":"VCID-nr6u-ts1b-y7dk"},{"vulnerability":"VCID-qqda-rju4-vuek"},{"vulnerability":"VCID-s33z-p3wj-cubr"},{"vulnerability":"VCID-t3a8-72rn-eba6"},{"vulnerability":"VCID-t3jy-fbvd-17bq"},{"vulnerability":"VCID-tgcj-a3vg-jqdb"},{"vulnerability":"VCID-u1k9-mvfz-wkfq"},{"vulnerability":"VCID-v1zv-6m2f-aufy"},{"vulnerability":"VCID-v8bt-mvx6-xfeb"},{"vulnerability":"VCID-y2x2-2kyr-6fc3"},{"vulnerability":"VCID-zaem-kefu-23cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2020-23273"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-36nr-gyrj-sycx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197363?format=json","vulnerability_id":"VCID-5t56-76xx-zfhm","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8376","reference_id":"","reference_type":"","scores":[{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46759","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.469","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46915","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00236","scoring_system":"epss","scoring_elements":"0.46896","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8376"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8376","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8376"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922624","reference_id":"922624","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922624"},{"reference_url":"https://security.archlinux.org/ASA-201905-5","reference_id":"ASA-201905-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-5"},{"reference_url":"https://security.archlinux.org/AVG-902","reference_id":"AVG-902","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1074955?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m8z-4dn1-sfet"},{"vulnerability":"VCID-3prs-35ug-3qce"},{"vulnerability":"VCID-3u7q-67y1-7bgp"},{"vulnerability":"VCID-4m4q-3xsu-xud1"},{"vulnerability":"VCID-52k1-4ndc-fbgp"},{"vulnerability":"VCID-5z5g-4v62-y3fx"},{"vulnerability":"VCID-6bwu-9723-8ygp"},{"vulnerability":"VCID-7ae7-wj3j-dydh"},{"vulnerability":"VCID-a6hb-mp8r-uuer"},{"vulnerability":"VCID-aztp-5s24-uycg"},{"vulnerability":"VCID-d42u-3tft-pyff"},{"vulnerability":"VCID-dr86-4q78-37eh"},{"vulnerability":"VCID-ee1p-83jf-wyh2"},{"vulnerability":"VCID-g1r3-vf55-kfap"},{"vulnerability":"VCID-gad4-59v4-6fek"},{"vulnerability":"VCID-ghcd-trac-judm"},{"vulnerability":"VCID-hsj9-83tw-2ya6"},{"vulnerability":"VCID-j779-rkdh-z7fh"},{"vulnerability":"VCID-jbgq-8yf6-u7gx"},{"vulnerability":"VCID-k9n3-9fn4-nkes"},{"vulnerability":"VCID-nek9-jmvd-53f8"},{"vulnerability":"VCID-nr6u-ts1b-y7dk"},{"vulnerability":"VCID-qqda-rju4-vuek"},{"vulnerability":"VCID-s33z-p3wj-cubr"},{"vulnerability":"VCID-t3a8-72rn-eba6"},{"vulnerability":"VCID-t3jy-fbvd-17bq"},{"vulnerability":"VCID-tgcj-a3vg-jqdb"},{"vulnerability":"VCID-u1k9-mvfz-wkfq"},{"vulnerability":"VCID-v1zv-6m2f-aufy"},{"vulnerability":"VCID-v8bt-mvx6-xfeb"},{"vulnerability":"VCID-y2x2-2kyr-6fc3"},{"vulnerability":"VCID-zaem-kefu-23cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2019-8376"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5t56-76xx-zfhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197362?format=json","vulnerability_id":"VCID-5xnf-55q3-vqh4","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8377","reference_id":"","reference_type":"","scores":[{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46034","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46179","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46187","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00231","scoring_system":"epss","scoring_elements":"0.46173","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8377"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922623","reference_id":"922623","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922623"},{"reference_url":"https://security.archlinux.org/ASA-201905-5","reference_id":"ASA-201905-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-5"},{"reference_url":"https://security.archlinux.org/AVG-902","reference_id":"AVG-902","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1074955?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m8z-4dn1-sfet"},{"vulnerability":"VCID-3prs-35ug-3qce"},{"vulnerability":"VCID-3u7q-67y1-7bgp"},{"vulnerability":"VCID-4m4q-3xsu-xud1"},{"vulnerability":"VCID-52k1-4ndc-fbgp"},{"vulnerability":"VCID-5z5g-4v62-y3fx"},{"vulnerability":"VCID-6bwu-9723-8ygp"},{"vulnerability":"VCID-7ae7-wj3j-dydh"},{"vulnerability":"VCID-a6hb-mp8r-uuer"},{"vulnerability":"VCID-aztp-5s24-uycg"},{"vulnerability":"VCID-d42u-3tft-pyff"},{"vulnerability":"VCID-dr86-4q78-37eh"},{"vulnerability":"VCID-ee1p-83jf-wyh2"},{"vulnerability":"VCID-g1r3-vf55-kfap"},{"vulnerability":"VCID-gad4-59v4-6fek"},{"vulnerability":"VCID-ghcd-trac-judm"},{"vulnerability":"VCID-hsj9-83tw-2ya6"},{"vulnerability":"VCID-j779-rkdh-z7fh"},{"vulnerability":"VCID-jbgq-8yf6-u7gx"},{"vulnerability":"VCID-k9n3-9fn4-nkes"},{"vulnerability":"VCID-nek9-jmvd-53f8"},{"vulnerability":"VCID-nr6u-ts1b-y7dk"},{"vulnerability":"VCID-qqda-rju4-vuek"},{"vulnerability":"VCID-s33z-p3wj-cubr"},{"vulnerability":"VCID-t3a8-72rn-eba6"},{"vulnerability":"VCID-t3jy-fbvd-17bq"},{"vulnerability":"VCID-tgcj-a3vg-jqdb"},{"vulnerability":"VCID-u1k9-mvfz-wkfq"},{"vulnerability":"VCID-v1zv-6m2f-aufy"},{"vulnerability":"VCID-v8bt-mvx6-xfeb"},{"vulnerability":"VCID-y2x2-2kyr-6fc3"},{"vulnerability":"VCID-zaem-kefu-23cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2019-8377"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5xnf-55q3-vqh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206259?format=json","vulnerability_id":"VCID-7ay4-m814-9fh3","summary":"A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a crafted pcap file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17580","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43245","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43402","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43421","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43412","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17580"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17580","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17580"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910596","reference_id":"910596","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910596"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082669?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-17580"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ay4-m814-9fh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206379?format=json","vulnerability_id":"VCID-ecrn-a5rs-tfbb","summary":"Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20553","reference_id":"","reference_type":"","scores":[{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42608","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42769","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42788","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00204","scoring_system":"epss","scoring_elements":"0.42778","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20553"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917574","reference_id":"917574","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917574"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082669?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-20553"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ecrn-a5rs-tfbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197361?format=json","vulnerability_id":"VCID-hm8h-q4r1-dkfd","summary":"multiple issues","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8381","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48916","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.49052","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.4907","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.49057","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8381"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922622","reference_id":"922622","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922622"},{"reference_url":"https://security.archlinux.org/ASA-201905-5","reference_id":"ASA-201905-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201905-5"},{"reference_url":"https://security.archlinux.org/AVG-902","reference_id":"AVG-902","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-902"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1074955?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m8z-4dn1-sfet"},{"vulnerability":"VCID-3prs-35ug-3qce"},{"vulnerability":"VCID-3u7q-67y1-7bgp"},{"vulnerability":"VCID-4m4q-3xsu-xud1"},{"vulnerability":"VCID-52k1-4ndc-fbgp"},{"vulnerability":"VCID-5z5g-4v62-y3fx"},{"vulnerability":"VCID-6bwu-9723-8ygp"},{"vulnerability":"VCID-7ae7-wj3j-dydh"},{"vulnerability":"VCID-a6hb-mp8r-uuer"},{"vulnerability":"VCID-aztp-5s24-uycg"},{"vulnerability":"VCID-d42u-3tft-pyff"},{"vulnerability":"VCID-dr86-4q78-37eh"},{"vulnerability":"VCID-ee1p-83jf-wyh2"},{"vulnerability":"VCID-g1r3-vf55-kfap"},{"vulnerability":"VCID-gad4-59v4-6fek"},{"vulnerability":"VCID-ghcd-trac-judm"},{"vulnerability":"VCID-hsj9-83tw-2ya6"},{"vulnerability":"VCID-j779-rkdh-z7fh"},{"vulnerability":"VCID-jbgq-8yf6-u7gx"},{"vulnerability":"VCID-k9n3-9fn4-nkes"},{"vulnerability":"VCID-nek9-jmvd-53f8"},{"vulnerability":"VCID-nr6u-ts1b-y7dk"},{"vulnerability":"VCID-qqda-rju4-vuek"},{"vulnerability":"VCID-s33z-p3wj-cubr"},{"vulnerability":"VCID-t3a8-72rn-eba6"},{"vulnerability":"VCID-t3jy-fbvd-17bq"},{"vulnerability":"VCID-tgcj-a3vg-jqdb"},{"vulnerability":"VCID-u1k9-mvfz-wkfq"},{"vulnerability":"VCID-v1zv-6m2f-aufy"},{"vulnerability":"VCID-v8bt-mvx6-xfeb"},{"vulnerability":"VCID-y2x2-2kyr-6fc3"},{"vulnerability":"VCID-zaem-kefu-23cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2019-8381"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hm8h-q4r1-dkfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206378?format=json","vulnerability_id":"VCID-n7cu-65z9-sugs","summary":"Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20552","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43971","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.44125","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.44143","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.44131","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-20552"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20552","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20552"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917574","reference_id":"917574","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917574"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082669?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-20552"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n7cu-65z9-sugs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206261?format=json","vulnerability_id":"VCID-rjys-8g9f-vucc","summary":"Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the destination (*prev_packet)->pktdata. This will result in a Denial of Service (DoS) and potentially Information Exposure when the application attempts to process a file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17582","reference_id":"","reference_type":"","scores":[{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43245","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43402","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43421","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00208","scoring_system":"epss","scoring_elements":"0.43412","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17582"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910597","reference_id":"910597","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910597"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082669?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-17582"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rjys-8g9f-vucc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/197738?format=json","vulnerability_id":"VCID-szzm-sn93-yuev","summary":"information disclosure","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12740","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66987","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.67079","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.67093","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.67092","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12740"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12740","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12740"},{"reference_url":"https://security.archlinux.org/ASA-202007-3","reference_id":"ASA-202007-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202007-3"},{"reference_url":"https://security.archlinux.org/AVG-1154","reference_id":"AVG-1154","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1154"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1074955?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m8z-4dn1-sfet"},{"vulnerability":"VCID-3prs-35ug-3qce"},{"vulnerability":"VCID-3u7q-67y1-7bgp"},{"vulnerability":"VCID-4m4q-3xsu-xud1"},{"vulnerability":"VCID-52k1-4ndc-fbgp"},{"vulnerability":"VCID-5z5g-4v62-y3fx"},{"vulnerability":"VCID-6bwu-9723-8ygp"},{"vulnerability":"VCID-7ae7-wj3j-dydh"},{"vulnerability":"VCID-a6hb-mp8r-uuer"},{"vulnerability":"VCID-aztp-5s24-uycg"},{"vulnerability":"VCID-d42u-3tft-pyff"},{"vulnerability":"VCID-dr86-4q78-37eh"},{"vulnerability":"VCID-ee1p-83jf-wyh2"},{"vulnerability":"VCID-g1r3-vf55-kfap"},{"vulnerability":"VCID-gad4-59v4-6fek"},{"vulnerability":"VCID-ghcd-trac-judm"},{"vulnerability":"VCID-hsj9-83tw-2ya6"},{"vulnerability":"VCID-j779-rkdh-z7fh"},{"vulnerability":"VCID-jbgq-8yf6-u7gx"},{"vulnerability":"VCID-k9n3-9fn4-nkes"},{"vulnerability":"VCID-nek9-jmvd-53f8"},{"vulnerability":"VCID-nr6u-ts1b-y7dk"},{"vulnerability":"VCID-qqda-rju4-vuek"},{"vulnerability":"VCID-s33z-p3wj-cubr"},{"vulnerability":"VCID-t3a8-72rn-eba6"},{"vulnerability":"VCID-t3jy-fbvd-17bq"},{"vulnerability":"VCID-tgcj-a3vg-jqdb"},{"vulnerability":"VCID-u1k9-mvfz-wkfq"},{"vulnerability":"VCID-v1zv-6m2f-aufy"},{"vulnerability":"VCID-v8bt-mvx6-xfeb"},{"vulnerability":"VCID-y2x2-2kyr-6fc3"},{"vulnerability":"VCID-zaem-kefu-23cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2020-12740"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-szzm-sn93-yuev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206289?format=json","vulnerability_id":"VCID-t85n-rsde-8ke4","summary":"A use-after-free was discovered in the tcpbridge binary of Tcpreplay 4.3.0 beta1. The issue gets triggered in the function post_args() at tcpbridge.c, causing a denial of service or possibly unspecified other impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18408","reference_id":"","reference_type":"","scores":[{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.5899","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.59102","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.59113","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00366","scoring_system":"epss","scoring_elements":"0.59104","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18408"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911493","reference_id":"911493","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911493"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082669?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-18408"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t85n-rsde-8ke4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206288?format=json","vulnerability_id":"VCID-vg7b-a248-kfau","summary":"A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18407","reference_id":"","reference_type":"","scores":[{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.51927","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.52058","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.52071","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00282","scoring_system":"epss","scoring_elements":"0.52054","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18407"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911454","reference_id":"911454","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911454"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082669?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-18407"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vg7b-a248-kfau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/206273?format=json","vulnerability_id":"VCID-wgmn-9gx9-akag","summary":"An issue was discovered in Tcpreplay 4.3.0 beta1. A heap-based buffer over-read was triggered in the function dlt_en10mb_encode() of the file plugins/dlt_en10mb/en10mb.c, due to inappropriate values in the function memmove(). The length (pktlen + ctx -> l2len) can be larger than source value (packet + ctx->l2len) because the function fails to ensure the length of a packet is valid. This leads to Denial of Service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17974","reference_id":"","reference_type":"","scores":[{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44031","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44184","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.44202","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.4419","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17974"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17974","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17974"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910598","reference_id":"910598","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910598"},{"reference_url":"https://usn.ubuntu.com/USN-5205-1/","reference_id":"USN-USN-5205-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-5205-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082669?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.1-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.1-1"}],"aliases":["CVE-2018-17974"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgmn-9gx9-akag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/207822?format=json","vulnerability_id":"VCID-yrh5-d7hr-qbec","summary":"Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than CVE-2019-8381.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18976","reference_id":"","reference_type":"","scores":[{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50894","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.51026","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.51041","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.51028","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-18976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18976"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1074955?format=json","purl":"pkg:deb/debian/tcpreplay@4.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m8z-4dn1-sfet"},{"vulnerability":"VCID-3prs-35ug-3qce"},{"vulnerability":"VCID-3u7q-67y1-7bgp"},{"vulnerability":"VCID-4m4q-3xsu-xud1"},{"vulnerability":"VCID-52k1-4ndc-fbgp"},{"vulnerability":"VCID-5z5g-4v62-y3fx"},{"vulnerability":"VCID-6bwu-9723-8ygp"},{"vulnerability":"VCID-7ae7-wj3j-dydh"},{"vulnerability":"VCID-a6hb-mp8r-uuer"},{"vulnerability":"VCID-aztp-5s24-uycg"},{"vulnerability":"VCID-d42u-3tft-pyff"},{"vulnerability":"VCID-dr86-4q78-37eh"},{"vulnerability":"VCID-ee1p-83jf-wyh2"},{"vulnerability":"VCID-g1r3-vf55-kfap"},{"vulnerability":"VCID-gad4-59v4-6fek"},{"vulnerability":"VCID-ghcd-trac-judm"},{"vulnerability":"VCID-hsj9-83tw-2ya6"},{"vulnerability":"VCID-j779-rkdh-z7fh"},{"vulnerability":"VCID-jbgq-8yf6-u7gx"},{"vulnerability":"VCID-k9n3-9fn4-nkes"},{"vulnerability":"VCID-nek9-jmvd-53f8"},{"vulnerability":"VCID-nr6u-ts1b-y7dk"},{"vulnerability":"VCID-qqda-rju4-vuek"},{"vulnerability":"VCID-s33z-p3wj-cubr"},{"vulnerability":"VCID-t3a8-72rn-eba6"},{"vulnerability":"VCID-t3jy-fbvd-17bq"},{"vulnerability":"VCID-tgcj-a3vg-jqdb"},{"vulnerability":"VCID-u1k9-mvfz-wkfq"},{"vulnerability":"VCID-v1zv-6m2f-aufy"},{"vulnerability":"VCID-v8bt-mvx6-xfeb"},{"vulnerability":"VCID-y2x2-2kyr-6fc3"},{"vulnerability":"VCID-zaem-kefu-23cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@4.3.3-2"}],"aliases":["CVE-2020-18976"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yrh5-d7hr-qbec"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204885?format=json","vulnerability_id":"VCID-n3yp-xzf8-tuf2","summary":"tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14266","reference_id":"","reference_type":"","scores":[{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.81232","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.81292","published_at":"2026-06-14T12:55:00Z"},{"value":"0.01454","scoring_system":"epss","scoring_elements":"0.813","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-14266"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14266","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14266"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42652.txt","reference_id":"CVE-2017-14266","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42652.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082313?format=json","purl":"pkg:deb/debian/tcpreplay@3.4.4-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33hk-mx6e-97h1"},{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-7ay4-m814-9fh3"},{"vulnerability":"VCID-ecrn-a5rs-tfbb"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-n7cu-65z9-sugs"},{"vulnerability":"VCID-rjys-8g9f-vucc"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-t85n-rsde-8ke4"},{"vulnerability":"VCID-vg7b-a248-kfau"},{"vulnerability":"VCID-wgmn-9gx9-akag"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@3.4.4-3"}],"aliases":["CVE-2017-14266"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n3yp-xzf8-tuf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204480?format=json","vulnerability_id":"VCID-wgqm-m9fw-b7eu","summary":"tcprewrite in tcpreplay before 4.1.2 allows remote attackers to cause a denial of service (segmentation fault) via a large frame, a related issue to CVE-2017-14266.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6160","reference_id":"","reference_type":"","scores":[{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70522","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70612","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70626","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70622","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6160"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6160","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6160"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829350","reference_id":"829350","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829350"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082313?format=json","purl":"pkg:deb/debian/tcpreplay@3.4.4-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-33hk-mx6e-97h1"},{"vulnerability":"VCID-36nr-gyrj-sycx"},{"vulnerability":"VCID-5t56-76xx-zfhm"},{"vulnerability":"VCID-5xnf-55q3-vqh4"},{"vulnerability":"VCID-7ay4-m814-9fh3"},{"vulnerability":"VCID-ecrn-a5rs-tfbb"},{"vulnerability":"VCID-hm8h-q4r1-dkfd"},{"vulnerability":"VCID-n7cu-65z9-sugs"},{"vulnerability":"VCID-rjys-8g9f-vucc"},{"vulnerability":"VCID-szzm-sn93-yuev"},{"vulnerability":"VCID-t85n-rsde-8ke4"},{"vulnerability":"VCID-vg7b-a248-kfau"},{"vulnerability":"VCID-wgmn-9gx9-akag"},{"vulnerability":"VCID-yrh5-d7hr-qbec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@3.4.4-3"}],"aliases":["CVE-2016-6160"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgqm-m9fw-b7eu"}],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/tcpreplay@3.4.4-3"}