{"url":"http://public2.vulnerablecode.io/api/packages/326790?format=json","purl":"pkg:apk/alpine/ffmpeg@3.2.7-r0?arch=ppc64le&distroversion=v3.6&reponame=main","type":"apk","namespace":"alpine","name":"ffmpeg","version":"3.2.7-r0","qualifiers":{"arch":"ppc64le","distroversion":"v3.6","reponame":"main"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.2.8-r0","latest_non_vulnerable_version":"3.2.9-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67554?format=json","vulnerability_id":"VCID-3ygr-4cs3-7fe9","summary":"Integer overflow in the ape_decode_frame function in libavcodec/apedec.c in FFmpeg 2.4 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access and application crash) or possibly have unspecified other impact via a crafted APE file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11399","reference_id":"","reference_type":"","scores":[{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33235","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33336","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33352","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33316","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33282","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33303","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11719","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11719"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9993"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326790?format=json","purl":"pkg:apk/alpine/ffmpeg@3.2.7-r0?arch=ppc64le&distroversion=v3.6&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.2.7-r0%3Farch=ppc64le&distroversion=v3.6&reponame=main"}],"aliases":["CVE-2017-11399"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ygr-4cs3-7fe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67555?format=json","vulnerability_id":"VCID-npf6-3n2j-4bbn","summary":"The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11665","reference_id":"","reference_type":"","scores":[{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60944","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60993","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.61001","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.6099","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60973","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00399","scoring_system":"epss","scoring_elements":"0.60988","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11719","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11719"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9993"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326790?format=json","purl":"pkg:apk/alpine/ffmpeg@3.2.7-r0?arch=ppc64le&distroversion=v3.6&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.2.7-r0%3Farch=ppc64le&distroversion=v3.6&reponame=main"}],"aliases":["CVE-2017-11665"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-npf6-3n2j-4bbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67557?format=json","vulnerability_id":"VCID-wmcx-2nvw-r3e4","summary":"The dnxhd_decode_header function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a crafted DNxHD file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11719","reference_id":"","reference_type":"","scores":[{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48425","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48487","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48493","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48475","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48446","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0025","scoring_system":"epss","scoring_elements":"0.48458","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-11719"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11665","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11665"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11719","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11719"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9608","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9608"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9993"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/326790?format=json","purl":"pkg:apk/alpine/ffmpeg@3.2.7-r0?arch=ppc64le&distroversion=v3.6&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.2.7-r0%3Farch=ppc64le&distroversion=v3.6&reponame=main"}],"aliases":["CVE-2017-11719"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wmcx-2nvw-r3e4"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@3.2.7-r0%3Farch=ppc64le&distroversion=v3.6&reponame=main"}