{"url":"http://public2.vulnerablecode.io/api/packages/110262?format=json","purl":"pkg:rpm/redhat/glibc@2.17-222?arch=el7","type":"rpm","namespace":"redhat","name":"glibc","version":"2.17-222","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54362?format=json","vulnerability_id":"VCID-aapy-xr76-zbc4","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9402.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9402.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9402","reference_id":"","reference_type":"","scores":[{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92444","published_at":"2026-04-01T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92451","published_at":"2026-04-02T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92459","published_at":"2026-04-04T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92462","published_at":"2026-04-07T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92474","published_at":"2026-04-08T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92479","published_at":"2026-04-09T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92485","published_at":"2026-04-11T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92487","published_at":"2026-04-12T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92486","published_at":"2026-04-13T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92496","published_at":"2026-04-18T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92499","published_at":"2026-04-21T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92501","published_at":"2026-04-24T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92502","published_at":"2026-04-26T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92498","published_at":"2026-04-29T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92508","published_at":"2026-05-05T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92518","published_at":"2026-05-07T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92529","published_at":"2026-05-09T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92533","published_at":"2026-05-11T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92539","published_at":"2026-05-12T12:55:00Z"},{"value":"0.087","scoring_system":"epss","scoring_elements":"0.92564","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7424","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7424"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9402","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9402"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1472","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1472"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1473","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1473"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1175369","reference_id":"1175369","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1175369"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775572","reference_id":"775572","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775572"},{"reference_url":"https://security.gentoo.org/glsa/201602-02","reference_id":"GLSA-201602-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201602-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0805","reference_id":"RHSA-2018:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0805"},{"reference_url":"https://usn.ubuntu.com/2519-1/","reference_id":"USN-2519-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2519-1/"}],"fixed_packages":[],"aliases":["CVE-2014-9402"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aapy-xr76-zbc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31488?format=json","vulnerability_id":"VCID-hdz6-ewkg-xqc9","summary":"Multiple vulnerabilities have been found in glibc, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15804.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15804","reference_id":"","reference_type":"","scores":[{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43014","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42909","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42857","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42875","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42814","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42843","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43072","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.431","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43039","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43092","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43104","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43126","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43077","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43137","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43127","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.43061","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42996","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42998","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.42916","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00207","scoring_system":"epss","scoring_elements":"0.4278","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15804"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://sourceware.org/bugzilla/show_bug.cgi?id=22332","reference_id":"","reference_type":"","scores":[],"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=22332"},{"reference_url":"https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8","reference_id":"","reference_type":"","scores":[],"url":"https://sourceware.org/git/gitweb.cgi?p=glibc.git%3Ba=commit%3Bh=a159b53fa059947cc2548e3b0d5bdcf7b9630ba8"},{"reference_url":"http://www.securityfocus.com/bid/101535","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101535"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1505298","reference_id":"1505298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1505298"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879955","reference_id":"879955","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879955"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15804","reference_id":"CVE-2017-15804","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15804"},{"reference_url":"https://security.gentoo.org/glsa/201804-02","reference_id":"GLSA-201804-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0805","reference_id":"RHSA-2018:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1879","reference_id":"RHSA-2018:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1879"},{"reference_url":"https://usn.ubuntu.com/3534-1/","reference_id":"USN-3534-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3534-1/"}],"fixed_packages":[],"aliases":["CVE-2017-15804"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hdz6-ewkg-xqc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84471?format=json","vulnerability_id":"VCID-q5az-xe7k-m7av","summary":"glibc: Fragmentation attacks possible when EDNS0 is enabled","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12132.json","reference_id":"","reference_type":"","scores":[{"value":"3.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12132.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12132","reference_id":"","reference_type":"","scores":[{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52657","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52758","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52746","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52712","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52739","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52702","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52729","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52694","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52745","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.5274","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.5279","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52774","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52795","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52803","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52786","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52735","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52706","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.5265","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00294","scoring_system":"epss","scoring_elements":"0.52703","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00839","scoring_system":"epss","scoring_elements":"0.7488","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12132"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12132","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12132"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1477529","reference_id":"1477529","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1477529"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870650","reference_id":"870650","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870650"},{"reference_url":"https://security.archlinux.org/AVG-368","reference_id":"AVG-368","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-368"},{"reference_url":"https://security.archlinux.org/AVG-369","reference_id":"AVG-369","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0805","reference_id":"RHSA-2018:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0805"},{"reference_url":"https://usn.ubuntu.com/5768-1/","reference_id":"USN-5768-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5768-1/"}],"fixed_packages":[],"aliases":["CVE-2017-12132"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q5az-xe7k-m7av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39601?format=json","vulnerability_id":"VCID-vake-u1n1-x3hx","summary":"Multiple vulnerabilities have been found in the GNU C Library, the\n    worst of which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5180.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5180","reference_id":"","reference_type":"","scores":[{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61304","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.6116","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61285","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.6124","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61269","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61236","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61284","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61299","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00409","scoring_system":"epss","scoring_elements":"0.61318","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0062","scoring_system":"epss","scoring_elements":"0.70223","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72959","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72876","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72885","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72878","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.7292","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72929","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72926","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72921","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72947","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72972","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00737","scoring_system":"epss","scoring_elements":"0.72935","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5180"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1249603","reference_id":"1249603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1249603"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796106","reference_id":"796106","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796106"},{"reference_url":"https://security.gentoo.org/glsa/201706-19","reference_id":"GLSA-201706-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201706-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0805","reference_id":"RHSA-2018:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0805"},{"reference_url":"https://usn.ubuntu.com/3239-1/","reference_id":"USN-3239-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3239-1/"}],"fixed_packages":[],"aliases":["CVE-2015-5180"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vake-u1n1-x3hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31486?format=json","vulnerability_id":"VCID-wctr-ebf2-gqa1","summary":"Multiple vulnerabilities have been found in glibc, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15670.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15670.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15670","reference_id":"","reference_type":"","scores":[{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44273","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44164","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44034","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44112","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44129","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44066","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44097","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44344","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44366","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44302","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44354","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44359","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44376","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44345","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.444","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.4439","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.4432","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44233","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44236","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44155","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15670"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15670"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:C/I:C/A:C"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://sourceware.org/bugzilla/show_bug.cgi?id=22320","reference_id":"","reference_type":"","scores":[],"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=22320"},{"reference_url":"http://www.securityfocus.com/bid/101521","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/101521"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1504804","reference_id":"1504804","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1504804"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879501","reference_id":"879501","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879501"},{"reference_url":"https://security.archlinux.org/ASA-201801-8","reference_id":"ASA-201801-8","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-8"},{"reference_url":"https://security.archlinux.org/ASA-201801-9","reference_id":"ASA-201801-9","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-9"},{"reference_url":"https://security.archlinux.org/AVG-460","reference_id":"AVG-460","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-460"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15670","reference_id":"CVE-2017-15670","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15670"},{"reference_url":"https://security.gentoo.org/glsa/201804-02","reference_id":"GLSA-201804-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0805","reference_id":"RHSA-2018:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1879","reference_id":"RHSA-2018:1879","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1879"},{"reference_url":"https://usn.ubuntu.com/3534-1/","reference_id":"USN-3534-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3534-1/"}],"fixed_packages":[],"aliases":["CVE-2017-15670"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wctr-ebf2-gqa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31490?format=json","vulnerability_id":"VCID-ww2m-6691-yfa7","summary":"Multiple vulnerabilities have been found in glibc, the worst of\n    which could allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000001.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000001.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000001","reference_id":"","reference_type":"","scores":[{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97446","published_at":"2026-05-14T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97425","published_at":"2026-05-07T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97429","published_at":"2026-05-09T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97432","published_at":"2026-05-11T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97436","published_at":"2026-05-12T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.9739","published_at":"2026-04-07T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97396","published_at":"2026-04-08T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97397","published_at":"2026-04-09T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97399","published_at":"2026-04-11T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.974","published_at":"2026-04-12T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97401","published_at":"2026-04-13T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97409","published_at":"2026-04-16T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97412","published_at":"2026-04-24T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97411","published_at":"2026-04-21T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97414","published_at":"2026-04-26T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97417","published_at":"2026-04-29T12:55:00Z"},{"value":"0.41417","scoring_system":"epss","scoring_elements":"0.97422","published_at":"2026-05-05T12:55:00Z"},{"value":"0.44049","scoring_system":"epss","scoring_elements":"0.97524","published_at":"2026-04-02T12:55:00Z"},{"value":"0.44049","scoring_system":"epss","scoring_elements":"0.97527","published_at":"2026-04-04T12:55:00Z"},{"value":"0.44049","scoring_system":"epss","scoring_elements":"0.97518","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000001"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1533836","reference_id":"1533836","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1533836"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887001","reference_id":"887001","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887001"},{"reference_url":"https://security.archlinux.org/ASA-201801-18","reference_id":"ASA-201801-18","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-18"},{"reference_url":"https://security.archlinux.org/ASA-201801-19","reference_id":"ASA-201801-19","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201801-19"},{"reference_url":"https://security.archlinux.org/AVG-590","reference_id":"AVG-590","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-590"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/43775.c","reference_id":"CVE-2018-1000001","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/43775.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44889.rb","reference_id":"CVE-2018-1000001","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/44889.rb"},{"reference_url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/29f4870fa0f916e31300d1bc78aeabeb297c667f/modules/exploits/linux/local/glibc_realpath_priv_esc.rb","reference_id":"CVE-2018-1000001","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/29f4870fa0f916e31300d1bc78aeabeb297c667f/modules/exploits/linux/local/glibc_realpath_priv_esc.rb"},{"reference_url":"https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/RationalLove.c","reference_id":"CVE-2018-1000001","reference_type":"exploit","scores":[],"url":"https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/RationalLove.c"},{"reference_url":"https://security.gentoo.org/glsa/201804-02","reference_id":"GLSA-201804-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201804-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0805","reference_id":"RHSA-2018:0805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0805"},{"reference_url":"https://usn.ubuntu.com/3534-1/","reference_id":"USN-3534-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3534-1/"},{"reference_url":"https://usn.ubuntu.com/3536-1/","reference_id":"USN-3536-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3536-1/"},{"reference_url":"https://usn.ubuntu.com/USN-4768-1/","reference_id":"USN-USN-4768-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/USN-4768-1/"}],"fixed_packages":[],"aliases":["CVE-2018-1000001"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ww2m-6691-yfa7"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/glibc@2.17-222%3Farch=el7"}