{"url":"http://public2.vulnerablecode.io/api/packages/112587?format=json","purl":"pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.4.5-1jpp.2?arch=el6_9","type":"rpm","namespace":"redhat","name":"java-1.7.1-ibm","version":"1:1.7.1.4.5-1jpp.2","qualifiers":{"arch":"el6_9"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60251?format=json","vulnerability_id":"VCID-69zc-r9uw-jke5","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3511.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3511.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3511","reference_id":"","reference_type":"","scores":[{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81825","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81687","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81719","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81718","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81722","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81747","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81756","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81762","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81779","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81801","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81628","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81617","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.8165","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81648","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.81675","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.8168","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01597","scoring_system":"epss","scoring_elements":"0.817","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2017/dsa-3858","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"http://www.debian.org/security/2017/dsa-3858"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"},{"reference_url":"http://www.securityfocus.com/bid/97731","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"http://www.securityfocus.com/bid/97731"},{"reference_url":"http://www.securitytracker.com/id/1038286","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"http://www.securitytracker.com/id/1038286"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443007","reference_id":"1443007","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443007"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6:update_141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.6:update_141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6:update_141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7:update_131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.7:update_131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7:update_131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8:update_121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8:update_121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8:update_121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6:update_141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.6:update_141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6:update_141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7:update_131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.7:update_131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7:update_131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8:update_121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8:update_121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8:update_121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3511","reference_id":"CVE-2017-3511","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:P/I:P/A:P"},{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3511"},{"reference_url":"https://security.gentoo.org/glsa/201705-03","reference_id":"GLSA-201705-03","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://security.gentoo.org/glsa/201705-03"},{"reference_url":"https://security.gentoo.org/glsa/201707-01","reference_id":"GLSA-201707-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://security.gentoo.org/glsa/201707-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1108","reference_id":"RHSA-2017:1108","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1109","reference_id":"RHSA-2017:1109","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1117","reference_id":"RHSA-2017:1117","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1118","reference_id":"RHSA-2017:1118","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1204","reference_id":"RHSA-2017:1204","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-04T16:22:50Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/3275-1/","reference_id":"USN-3275-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-1/"},{"reference_url":"https://usn.ubuntu.com/3275-2/","reference_id":"USN-3275-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-2/"}],"fixed_packages":[],"aliases":["CVE-2017-3511"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"6.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69zc-r9uw-jke5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60257?format=json","vulnerability_id":"VCID-c9qw-1g2p-qqcr","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3544.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3544.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3544","reference_id":"","reference_type":"","scores":[{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59538","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59359","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59432","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59506","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5949","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59471","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59504","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59511","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59494","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59466","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59473","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59433","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.5948","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59457","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59423","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59474","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59487","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3544"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://source.android.com/security/bulletin/2017-07-01","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://source.android.com/security/bulletin/2017-07-01"},{"reference_url":"http://www.debian.org/security/2017/dsa-3858","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"http://www.debian.org/security/2017/dsa-3858"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"},{"reference_url":"http://www.securityfocus.com/bid/97745","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"http://www.securityfocus.com/bid/97745"},{"reference_url":"http://www.securitytracker.com/id/1038286","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"http://www.securitytracker.com/id/1038286"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443068","reference_id":"1443068","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443068"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3544","reference_id":"CVE-2017-3544","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3544"},{"reference_url":"https://security.gentoo.org/glsa/201705-03","reference_id":"GLSA-201705-03","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://security.gentoo.org/glsa/201705-03"},{"reference_url":"https://security.gentoo.org/glsa/201707-01","reference_id":"GLSA-201707-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://security.gentoo.org/glsa/201707-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1108","reference_id":"RHSA-2017:1108","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1109","reference_id":"RHSA-2017:1109","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1117","reference_id":"RHSA-2017:1117","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1118","reference_id":"RHSA-2017:1118","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1119","reference_id":"RHSA-2017:1119","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1204","reference_id":"RHSA-2017:1204","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/3275-1/","reference_id":"USN-3275-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-1/"},{"reference_url":"https://usn.ubuntu.com/3275-2/","reference_id":"USN-3275-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-2/"}],"fixed_packages":[],"aliases":["CVE-2017-3544"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c9qw-1g2p-qqcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56189?format=json","vulnerability_id":"VCID-eyjp-7kks-jbfr","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9841","reference_id":"","reference_type":"","scores":[{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94264","published_at":"2026-05-09T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94214","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94229","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94234","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94237","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94242","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94253","published_at":"2026-05-07T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94204","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94208","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13495","scoring_system":"epss","scoring_elements":"0.94213","published_at":"2026-04-12T12:55:00Z"},{"value":"0.20281","scoring_system":"epss","scoring_elements":"0.95488","published_at":"2026-04-02T12:55:00Z"},{"value":"0.20281","scoring_system":"epss","scoring_elements":"0.95494","published_at":"2026-04-04T12:55:00Z"},{"value":"0.20281","scoring_system":"epss","scoring_elements":"0.95479","published_at":"2026-04-01T12:55:00Z"},{"value":"0.20848","scoring_system":"epss","scoring_elements":"0.95599","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9841"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402346","reference_id":"1402346","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402346"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270","reference_id":"847270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[],"aliases":["CVE-2016-9841"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyjp-7kks-jbfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60256?format=json","vulnerability_id":"VCID-fsu1-jy1q-qkh1","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3539.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3539","reference_id":"","reference_type":"","scores":[{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72821","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72681","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72723","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72734","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72726","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72767","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72777","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72773","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72766","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72796","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72638","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.7263","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72655","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72632","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72672","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72685","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72708","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72691","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2017/dsa-3858","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"http://www.debian.org/security/2017/dsa-3858"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"},{"reference_url":"http://www.securityfocus.com/bid/97752","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"http://www.securityfocus.com/bid/97752"},{"reference_url":"http://www.securitytracker.com/id/1038286","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"http://www.securitytracker.com/id/1038286"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443097","reference_id":"1443097","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443097"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3539","reference_id":"CVE-2017-3539","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:N/I:P/A:N"},{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3539"},{"reference_url":"https://security.gentoo.org/glsa/201705-03","reference_id":"GLSA-201705-03","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://security.gentoo.org/glsa/201705-03"},{"reference_url":"https://security.gentoo.org/glsa/201707-01","reference_id":"GLSA-201707-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://security.gentoo.org/glsa/201707-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1108","reference_id":"RHSA-2017:1108","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1109","reference_id":"RHSA-2017:1109","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1117","reference_id":"RHSA-2017:1117","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1118","reference_id":"RHSA-2017:1118","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1119","reference_id":"RHSA-2017:1119","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1204","reference_id":"RHSA-2017:1204","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:44:55Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/3275-1/","reference_id":"USN-3275-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-1/"},{"reference_url":"https://usn.ubuntu.com/3275-2/","reference_id":"USN-3275-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-2/"}],"fixed_packages":[],"aliases":["CVE-2017-3539"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fsu1-jy1q-qkh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60255?format=json","vulnerability_id":"VCID-ft81-49v3-a7cr","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3533.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3533.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3533","reference_id":"","reference_type":"","scores":[{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70932","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70782","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70827","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70833","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70811","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70864","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70873","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70872","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70855","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70895","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70737","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70721","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.7073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70775","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70791","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70813","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00648","scoring_system":"epss","scoring_elements":"0.70798","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2017/dsa-3858","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"http://www.debian.org/security/2017/dsa-3858"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"},{"reference_url":"http://www.securityfocus.com/bid/97740","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"http://www.securityfocus.com/bid/97740"},{"reference_url":"http://www.securitytracker.com/id/1038286","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"http://www.securitytracker.com/id/1038286"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443083","reference_id":"1443083","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443083"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update_131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update_121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:icedtea:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3533","reference_id":"CVE-2017-3533","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3533"},{"reference_url":"https://security.gentoo.org/glsa/201705-03","reference_id":"GLSA-201705-03","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://security.gentoo.org/glsa/201705-03"},{"reference_url":"https://security.gentoo.org/glsa/201707-01","reference_id":"GLSA-201707-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://security.gentoo.org/glsa/201707-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1108","reference_id":"RHSA-2017:1108","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1109","reference_id":"RHSA-2017:1109","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1117","reference_id":"RHSA-2017:1117","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1118","reference_id":"RHSA-2017:1118","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1119","reference_id":"RHSA-2017:1119","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1204","reference_id":"RHSA-2017:1204","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:02Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/3275-1/","reference_id":"USN-3275-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-1/"},{"reference_url":"https://usn.ubuntu.com/3275-2/","reference_id":"USN-3275-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-2/"}],"fixed_packages":[],"aliases":["CVE-2017-3533"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ft81-49v3-a7cr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56190?format=json","vulnerability_id":"VCID-m6xx-a91r-sbhu","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9842.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9842","reference_id":"","reference_type":"","scores":[{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93856","published_at":"2026-05-07T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93866","published_at":"2026-05-09T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93845","published_at":"2026-05-05T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93839","published_at":"2026-04-26T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93837","published_at":"2026-04-29T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93842","published_at":"2026-04-24T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.9377","published_at":"2026-04-01T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93832","published_at":"2026-04-16T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93809","published_at":"2026-04-13T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93804","published_at":"2026-04-09T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93801","published_at":"2026-04-08T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93793","published_at":"2026-04-07T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93789","published_at":"2026-04-04T12:55:00Z"},{"value":"0.12133","scoring_system":"epss","scoring_elements":"0.93779","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9842"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9842"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402348","reference_id":"1402348","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402348"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/12/05/21","reference_id":"21","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.openwall.com/lists/oss-security/2016/12/05/21"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274","reference_id":"847274","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847274"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"http://www.securityfocus.com/bid/95131","reference_id":"95131","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://www.securityfocus.com/bid/95131"},{"reference_url":"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib","reference_id":"Completed#zlib","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://wiki.mozilla.org/MOSS/Secure_Open_Source/Completed#zlib"},{"reference_url":"https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958","reference_id":"e54e1299404101a5a9d0cf5e45512b543967f958","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://github.com/madler/zlib/commit/e54e1299404101a5a9d0cf5e45512b543967f958"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html","reference_id":"msg00027.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2019/03/msg00027.html"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html","reference_id":"msg00030.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2020/01/msg00030.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html","reference_id":"msg00050.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00050.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html","reference_id":"msg00053.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2017-01/msg00053.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html","reference_id":"msg00127.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00127.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf","reference_id":"Zlib-report.pdf","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-04T16:34:37Z/"}],"url":"https://wiki.mozilla.org/images/0/09/Zlib-report.pdf"}],"fixed_packages":[],"aliases":["CVE-2016-9842"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6xx-a91r-sbhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56188?format=json","vulnerability_id":"VCID-mr6h-6jrp-gyf3","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9840.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9840","reference_id":"","reference_type":"","scores":[{"value":"0.07707","scoring_system":"epss","scoring_elements":"0.91936","published_at":"2026-04-21T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.93112","published_at":"2026-05-09T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.93084","published_at":"2026-04-26T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.9308","published_at":"2026-04-29T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.93087","published_at":"2026-05-05T12:55:00Z"},{"value":"0.10009","scoring_system":"epss","scoring_elements":"0.93102","published_at":"2026-05-07T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94072","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94076","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94081","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94097","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94102","published_at":"2026-04-18T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.9406","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94064","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.94041","published_at":"2026-04-01T12:55:00Z"},{"value":"0.13004","scoring_system":"epss","scoring_elements":"0.9405","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9840"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9840"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402345","reference_id":"1402345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402345"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270","reference_id":"847270","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847270"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10541","reference_id":"RHSA-2025:10541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:10541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11048","reference_id":"RHSA-2025:11048","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:11048"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12013","reference_id":"RHSA-2025:12013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13947","reference_id":"RHSA-2025:13947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8284","reference_id":"RHSA-2025:8284","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8284"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8314","reference_id":"RHSA-2025:8314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8395","reference_id":"RHSA-2025:8395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8395"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://usn.ubuntu.com/6736-1/","reference_id":"USN-6736-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-1/"},{"reference_url":"https://usn.ubuntu.com/6736-2/","reference_id":"USN-6736-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6736-2/"}],"fixed_packages":[],"aliases":["CVE-2016-9840"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mr6h-6jrp-gyf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56191?format=json","vulnerability_id":"VCID-smft-ms93-6kf1","summary":"Multiple vulnerabilities have been found in rsync, the worst of\n    which could result in a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9843.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9843","reference_id":"","reference_type":"","scores":[{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.9454","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94547","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94555","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94557","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94567","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94571","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94575","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94578","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.9459","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94595","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94599","published_at":"2026-04-21T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.946","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94609","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94616","published_at":"2026-05-07T12:55:00Z"},{"value":"0.15071","scoring_system":"epss","scoring_elements":"0.94626","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9843"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402351","reference_id":"1402351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1402351"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275","reference_id":"847275","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847275"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509","reference_id":"924509","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924509"},{"reference_url":"https://security.gentoo.org/glsa/201701-56","reference_id":"GLSA-201701-56","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-56"},{"reference_url":"https://security.gentoo.org/glsa/202007-54","reference_id":"GLSA-202007-54","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202007-54"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:2999","reference_id":"RHSA-2017:2999","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:2999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3046","reference_id":"RHSA-2017:3046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3047","reference_id":"RHSA-2017:3047","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/4246-1/","reference_id":"USN-4246-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4246-1/"},{"reference_url":"https://usn.ubuntu.com/4292-1/","reference_id":"USN-4292-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4292-1/"},{"reference_url":"https://usn.ubuntu.com/7959-1/","reference_id":"USN-7959-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7959-1/"}],"fixed_packages":[],"aliases":["CVE-2016-9843"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-smft-ms93-6kf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84380?format=json","vulnerability_id":"VCID-su3k-9x5e-rqg4","summary":"JDK: XML External Entity Injection (XXE) error when processing XML data","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1289.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1289.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1289","reference_id":"","reference_type":"","scores":[{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.75935","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76137","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76085","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76113","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.75938","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.75971","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.75949","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.75982","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.75997","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76022","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.75998","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.75992","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76031","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76034","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76019","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76056","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76066","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00923","scoring_system":"epss","scoring_elements":"0.76077","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1289"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1449603","reference_id":"1449603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1449603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:3453"}],"fixed_packages":[],"aliases":["CVE-2017-1289"],"risk_score":3.7,"exploitability":"0.5","weighted_severity":"7.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-su3k-9x5e-rqg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60250?format=json","vulnerability_id":"VCID-zzqd-253d-ykca","summary":"Multiple vulnerabilities have been found in IcedTea, the worst of\n    which may allow execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3509.json","reference_id":"","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3509.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3509","reference_id":"","reference_type":"","scores":[{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72523","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72389","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72431","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.7244","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72428","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.7247","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72479","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72476","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72467","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72497","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72348","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72343","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72367","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72344","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72383","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72395","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72418","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72402","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-3509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3509"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3526"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3544"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.debian.org/security/2017/dsa-3858","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"http://www.debian.org/security/2017/dsa-3858"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"},{"reference_url":"http://www.securityfocus.com/bid/97737","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"http://www.securityfocus.com/bid/97737"},{"reference_url":"http://www.securitytracker.com/id/1038286","reference_id":"","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"http://www.securitytracker.com/id/1038286"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443052","reference_id":"1443052","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1443052"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6:update_141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.6:update_141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6:update_141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7:update_131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.7:update_131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7:update_131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8:update_121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jdk:1.8:update_121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8:update_121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6:update_141:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.6:update_141:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6:update_141:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7:update_131:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.7:update_131:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7:update_131:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8:update_121:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:jre:1.8:update_121:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8:update_121:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3509","reference_id":"CVE-2017-3509","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:N"},{"value":"4.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-3509"},{"reference_url":"https://security.gentoo.org/glsa/201705-03","reference_id":"GLSA-201705-03","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://security.gentoo.org/glsa/201705-03"},{"reference_url":"https://security.gentoo.org/glsa/201707-01","reference_id":"GLSA-201707-01","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://security.gentoo.org/glsa/201707-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1108","reference_id":"RHSA-2017:1108","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1108"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1109","reference_id":"RHSA-2017:1109","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1109"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1117","reference_id":"RHSA-2017:1117","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1117"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1118","reference_id":"RHSA-2017:1118","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1118"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1119","reference_id":"RHSA-2017:1119","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1119"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1204","reference_id":"RHSA-2017:1204","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1204"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1220","reference_id":"RHSA-2017:1220","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1221","reference_id":"RHSA-2017:1221","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:1222","reference_id":"RHSA-2017:1222","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:1222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:3453","reference_id":"RHSA-2017:3453","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:45:13Z/"}],"url":"https://access.redhat.com/errata/RHSA-2017:3453"},{"reference_url":"https://usn.ubuntu.com/3275-1/","reference_id":"USN-3275-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-1/"},{"reference_url":"https://usn.ubuntu.com/3275-2/","reference_id":"USN-3275-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3275-2/"}],"fixed_packages":[],"aliases":["CVE-2017-3509"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zzqd-253d-ykca"}],"fixing_vulnerabilities":[],"risk_score":"4.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.7.1-ibm@1:1.7.1.4.5-1jpp.2%3Farch=el6_9"}