{"url":"http://public2.vulnerablecode.io/api/packages/121115?format=json","purl":"pkg:apk/alpine/ffmpeg@3.0.7-r0?arch=armhf&distroversion=v3.4&reponame=main","type":"apk","namespace":"alpine","name":"ffmpeg","version":"3.0.7-r0","qualifiers":{"arch":"armhf","distroversion":"v3.4","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.1.8-r0","latest_non_vulnerable_version":"3.1.11-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181191?format=json","vulnerability_id":"VCID-4rge-36cs-yudv","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7502","reference_id":"","reference_type":"","scores":[{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44855","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7502"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7502","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7502"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840434","reference_id":"840434","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840434"},{"reference_url":"https://security.gentoo.org/glsa/201701-71","reference_id":"GLSA-201701-71","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-71"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121115?format=json","purl":"pkg:apk/alpine/ffmpeg@3.0.7-r0?arch=armhf&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.0.7-r0%3Farch=armhf&distroversion=v3.4&reponame=main"}],"aliases":["CVE-2016-7502"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4rge-36cs-yudv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177034?format=json","vulnerability_id":"VCID-5d3p-ksvx-hbef","summary":"Multiple vulnerabilities have been found in the Chromium web\n    browser, the worst of which allows remote attackers to execute arbitrary\n    code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5025.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-5025.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5025","reference_id":"","reference_type":"","scores":[{"value":"0.00202","scoring_system":"epss","scoring_elements":"0.42229","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-5025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5006","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5006"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5018"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5020"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5026"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5027","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5027"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5028","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5028"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416676","reference_id":"1416676","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1416676"},{"reference_url":"https://security.archlinux.org/ASA-201701-33","reference_id":"ASA-201701-33","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201701-33"},{"reference_url":"https://security.archlinux.org/ASA-201702-10","reference_id":"ASA-201702-10","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201702-10"},{"reference_url":"https://security.archlinux.org/AVG-156","reference_id":"AVG-156","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-156"},{"reference_url":"https://security.archlinux.org/AVG-172","reference_id":"AVG-172","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-172"},{"reference_url":"https://security.gentoo.org/glsa/201701-66","reference_id":"GLSA-201701-66","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-66"},{"reference_url":"https://security.gentoo.org/glsa/201705-05","reference_id":"GLSA-201705-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201705-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2017:0206","reference_id":"RHSA-2017:0206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2017:0206"},{"reference_url":"https://usn.ubuntu.com/3180-1/","reference_id":"USN-3180-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3180-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121115?format=json","purl":"pkg:apk/alpine/ffmpeg@3.0.7-r0?arch=armhf&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.0.7-r0%3Farch=armhf&distroversion=v3.4&reponame=main"}],"aliases":["CVE-2017-5025"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5d3p-ksvx-hbef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181190?format=json","vulnerability_id":"VCID-cg7s-zp5r-p7hf","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7450","reference_id":"","reference_type":"","scores":[{"value":"0.00221","scoring_system":"epss","scoring_elements":"0.44855","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7450"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7450","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7450"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840434","reference_id":"840434","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840434"},{"reference_url":"https://security.gentoo.org/glsa/201701-71","reference_id":"GLSA-201701-71","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-71"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121115?format=json","purl":"pkg:apk/alpine/ffmpeg@3.0.7-r0?arch=armhf&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.0.7-r0%3Farch=armhf&distroversion=v3.4&reponame=main"}],"aliases":["CVE-2016-7450"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cg7s-zp5r-p7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204481?format=json","vulnerability_id":"VCID-eq7j-rr9y-v7ej","summary":"Integer overflow in the mov_build_index function in libavformat/mov.c in FFmpeg before 2.8.8, 3.0.x before 3.0.3 and 3.1.x before 3.1.1 allows remote attackers to have unspecified impact via vectors involving sample size.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6164","reference_id":"","reference_type":"","scores":[{"value":"0.00936","scoring_system":"epss","scoring_elements":"0.76634","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6164"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6164"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121115?format=json","purl":"pkg:apk/alpine/ffmpeg@3.0.7-r0?arch=armhf&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.0.7-r0%3Farch=armhf&distroversion=v3.4&reponame=main"}],"aliases":["CVE-2016-6164"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eq7j-rr9y-v7ej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181193?format=json","vulnerability_id":"VCID-ggwe-8s1j-4qa7","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7562","reference_id":"","reference_type":"","scores":[{"value":"0.00301","scoring_system":"epss","scoring_elements":"0.53806","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7562"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7562","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7562"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840434","reference_id":"840434","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840434"},{"reference_url":"https://security.gentoo.org/glsa/201701-71","reference_id":"GLSA-201701-71","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-71"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121115?format=json","purl":"pkg:apk/alpine/ffmpeg@3.0.7-r0?arch=armhf&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.0.7-r0%3Farch=armhf&distroversion=v3.4&reponame=main"}],"aliases":["CVE-2016-7562"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ggwe-8s1j-4qa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181195?format=json","vulnerability_id":"VCID-xnms-5bxw-z7aq","summary":"Multiple vulnerabilities have been found in FFmpeg, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7905","reference_id":"","reference_type":"","scores":[{"value":"0.00276","scoring_system":"epss","scoring_elements":"0.51316","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7905"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7905"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840434","reference_id":"840434","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840434"},{"reference_url":"https://security.gentoo.org/glsa/201701-71","reference_id":"GLSA-201701-71","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-71"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121115?format=json","purl":"pkg:apk/alpine/ffmpeg@3.0.7-r0?arch=armhf&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.0.7-r0%3Farch=armhf&distroversion=v3.4&reponame=main"}],"aliases":["CVE-2016-7905"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xnms-5bxw-z7aq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204519?format=json","vulnerability_id":"VCID-ywbe-qhgd-73gr","summary":"The zlib_refill function in libavformat/swfdec.c in FFmpeg before 3.1.3 allows remote attackers to cause an infinite loop denial of service via a crafted SWF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6881","reference_id":"","reference_type":"","scores":[{"value":"0.00435","scoring_system":"epss","scoring_elements":"0.63367","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6881"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/121115?format=json","purl":"pkg:apk/alpine/ffmpeg@3.0.7-r0?arch=armhf&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.0.7-r0%3Farch=armhf&distroversion=v3.4&reponame=main"}],"aliases":["CVE-2016-6881"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ywbe-qhgd-73gr"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.0.7-r0%3Farch=armhf&distroversion=v3.4&reponame=main"}