Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/318251?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "type": "apk", "namespace": "alpine", "name": "wireshark", "version": "2.2.7-r0", "qualifiers": { "arch": "armv7", "distroversion": "v3.12", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.2.8-r0", "latest_non_vulnerable_version": "3.2.9-r0", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105243?format=api", "vulnerability_id": "VCID-45xy-pytf-hbax", "summary": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9354.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9354.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9354", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.74032", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73999", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.81995", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.82", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01589", "scoring_system": "epss", "scoring_elements": "0.82001", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9354" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9354", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9354" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458147", "reference_id": "1458147", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458147" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9354" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-45xy-pytf-hbax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105233?format=api", "vulnerability_id": "VCID-4d6n-792e-u7c2", "summary": "In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9347.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9347.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9347", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09767", "scoring_system": "epss", "scoring_elements": "0.93095", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09767", "scoring_system": "epss", "scoring_elements": "0.93099", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.09767", "scoring_system": "epss", "scoring_elements": "0.93105", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.09767", "scoring_system": "epss", "scoring_elements": "0.93104", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.09767", "scoring_system": "epss", "scoring_elements": "0.93101", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9347" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9347", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9347" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458145", "reference_id": "1458145", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458145" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" }, { "reference_url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13637", "reference_id": "CVE-2017-9347", "reference_type": "exploit", "scores": [], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13637" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42124.txt", "reference_id": "CVE-2017-9347", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42124.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9347" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4d6n-792e-u7c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105239?format=api", "vulnerability_id": "VCID-916p-2vc9-guad", "summary": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9352.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9352.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00492", "scoring_system": "epss", "scoring_elements": "0.66008", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00492", "scoring_system": "epss", "scoring_elements": "0.66044", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00492", "scoring_system": "epss", "scoring_elements": "0.6606", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00492", "scoring_system": "epss", "scoring_elements": "0.66071", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00492", "scoring_system": "epss", "scoring_elements": "0.66056", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9352" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:N/I:N/A:C" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458136", "reference_id": "1458136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9352" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-916p-2vc9-guad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105234?format=api", "vulnerability_id": "VCID-ey91-5p4b-97bq", "summary": "In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9348.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9348.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9348", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.80118", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.80135", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.80143", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.80148", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9348" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9348", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9348" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458137", "reference_id": "1458137", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458137" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9348" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ey91-5p4b-97bq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105237?format=api", "vulnerability_id": "VCID-fpjj-emjn-nqah", "summary": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier more carefully.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9351.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9351.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9351", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76717", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76733", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76749", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76755", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76744", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9351" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9351", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9351" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458138", "reference_id": "1458138", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458138" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9351" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fpjj-emjn-nqah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105235?format=api", "vulnerability_id": "VCID-jcxv-rnqs-cuh4", "summary": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9349.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00806", "scoring_system": "epss", "scoring_elements": "0.74531", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00806", "scoring_system": "epss", "scoring_elements": "0.74559", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00806", "scoring_system": "epss", "scoring_elements": "0.74548", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74623", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00811", "scoring_system": "epss", "scoring_elements": "0.74592", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9349" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458141", "reference_id": "1458141", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458141" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9349" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jcxv-rnqs-cuh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105241?format=api", "vulnerability_id": "VCID-m6y5-w2fs-wycg", "summary": "In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9353.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9353.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9353", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07148", "scoring_system": "epss", "scoring_elements": "0.91717", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.07148", "scoring_system": "epss", "scoring_elements": "0.91705", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.13695", "scoring_system": "epss", "scoring_elements": "0.94405", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.13695", "scoring_system": "epss", "scoring_elements": "0.94403", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9353" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458148", "reference_id": "1458148", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458148" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" }, { "reference_url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13675", "reference_id": "CVE-2017-9353", "reference_type": "exploit", "scores": [], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13675" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42123.txt", "reference_id": "CVE-2017-9353", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/42123.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9353" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m6y5-w2fs-wycg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105230?format=api", "vulnerability_id": "VCID-mtt3-hx5c-5qed", "summary": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9344.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9344.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01179", "scoring_system": "epss", "scoring_elements": "0.7911", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01179", "scoring_system": "epss", "scoring_elements": "0.79084", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02017", "scoring_system": "epss", "scoring_elements": "0.84071", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.02017", "scoring_system": "epss", "scoring_elements": "0.84085", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02017", "scoring_system": "epss", "scoring_elements": "0.8408", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9344" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458143", "reference_id": "1458143", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458143" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9344" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mtt3-hx5c-5qed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105232?format=api", "vulnerability_id": "VCID-pfbn-h5dg-m3hh", "summary": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9346.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9346.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9346", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.72102", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.72116", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.72142", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.7215", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00686", "scoring_system": "epss", "scoring_elements": "0.72129", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9346" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9346", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9346" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458139", "reference_id": "1458139", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458139" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9346" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pfbn-h5dg-m3hh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105229?format=api", "vulnerability_id": "VCID-rrsd-chzn-7ydd", "summary": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9343.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9343.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.74117", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.74123", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.7415", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.74155", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.74141", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9343" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458144", "reference_id": "1458144", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458144" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9343" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrsd-chzn-7ydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105231?format=api", "vulnerability_id": "VCID-xgrn-v7nv-kfad", "summary": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9345.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9345.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9345", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77444", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.7746", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77471", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.0101", "scoring_system": "epss", "scoring_elements": "0.77481", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9345" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9345", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9345" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458140", "reference_id": "1458140", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458140" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9345" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgrn-v7nv-kfad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/105236?format=api", "vulnerability_id": "VCID-yp4b-b6ss-mueb", "summary": "In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative length.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9350.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9350.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9350", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01464", "scoring_system": "epss", "scoring_elements": "0.81219", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01464", "scoring_system": "epss", "scoring_elements": "0.81243", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.01464", "scoring_system": "epss", "scoring_elements": "0.81247", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01464", "scoring_system": "epss", "scoring_elements": "0.8125", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01464", "scoring_system": "epss", "scoring_elements": "0.81246", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9350" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9350", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9350" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458142", "reference_id": "1458142", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458142" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058", "reference_id": "864058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864058" }, { "reference_url": "https://security.archlinux.org/ASA-201706-9", "reference_id": "ASA-201706-9", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-9" }, { "reference_url": "https://security.archlinux.org/AVG-287", "reference_id": "AVG-287", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-287" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/318251?format=api", "purl": "pkg:apk/alpine/wireshark@2.2.7-r0?arch=armv7&distroversion=v3.12&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" } ], "aliases": [ "CVE-2017-9350" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yp4b-b6ss-mueb" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/wireshark@2.2.7-r0%3Farch=armv7&distroversion=v3.12&reponame=community" }