{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","type":"alpm","namespace":"archlinux","name":"binutils","version":"2.29.0-1","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.30-1","latest_non_vulnerable_version":"2.38-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50177?format=json","vulnerability_id":"VCID-1rp7-5hxs-tqbx","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6965.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6965.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6965","reference_id":"","reference_type":"","scores":[{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.48609","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.48672","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.48624","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.48678","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.48674","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.48692","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.48666","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00254","scoring_system":"epss","scoring_elements":"0.4865","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00292","scoring_system":"epss","scoring_elements":"0.52557","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6965"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21137","reference_id":"","reference_type":"","scores":[],"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21137"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435640","reference_id":"1435640","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435640"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858264","reference_id":"858264","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858264"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6965","reference_id":"CVE-2017-6965","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6965"},{"reference_url":"https://security.gentoo.org/glsa/201709-02","reference_id":"GLSA-201709-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-02"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-6965"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1rp7-5hxs-tqbx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60869?format=json","vulnerability_id":"VCID-4ty8-8ecg-mqdy","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7209.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7209.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7209","reference_id":"","reference_type":"","scores":[{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.5447","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54556","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54583","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54595","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54545","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54569","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54537","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54589","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7209"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7209","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7209"},{"reference_url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21135","reference_id":"","reference_type":"","scores":[],"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21135"},{"reference_url":"http://www.securityfocus.com/bid/96994","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96994"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435632","reference_id":"1435632","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435632"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858323","reference_id":"858323","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858323"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7209","reference_id":"CVE-2017-7209","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7209"},{"reference_url":"https://security.gentoo.org/glsa/201801-01","reference_id":"GLSA-201801-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-01"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-7209"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ty8-8ecg-mqdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50193?format=json","vulnerability_id":"VCID-5cxe-ara7-jfcr","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9041.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9041.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9041","reference_id":"","reference_type":"","scores":[{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.6513","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65211","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65233","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65251","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65239","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.6518","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65205","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65171","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00483","scoring_system":"epss","scoring_elements":"0.65221","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9041"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452171","reference_id":"1452171","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452171"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674","reference_id":"863674","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://security.gentoo.org/glsa/201709-02","reference_id":"GLSA-201709-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-02"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-9041"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5cxe-ara7-jfcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84365?format=json","vulnerability_id":"VCID-b5je-gm19-yba5","summary":"binutils: Out-of-bounds read in the print_symbol_for_build_attribute function","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9044.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9044.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9044","reference_id":"","reference_type":"","scores":[{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.54763","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61848","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.6201","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61999","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61921","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61951","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61971","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00421","scoring_system":"epss","scoring_elements":"0.61988","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9044"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9044","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9044"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452176","reference_id":"1452176","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452176"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-9044"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b5je-gm19-yba5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50190?format=json","vulnerability_id":"VCID-dyx7-6xgz-mqa7","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9038.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9038.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9038","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57909","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58021","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57993","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58013","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57988","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58043","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58046","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9038"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9038","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9038"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452167","reference_id":"1452167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452167"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674","reference_id":"863674","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://security.gentoo.org/glsa/201709-02","reference_id":"GLSA-201709-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-02"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-9038"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dyx7-6xgz-mqa7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50192?format=json","vulnerability_id":"VCID-j2wc-yxrx-4kh6","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9040.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9040.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9040","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58021","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64702","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64809","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64826","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64816","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64754","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64782","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.64795","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9040"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452169","reference_id":"1452169","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452169"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674","reference_id":"863674","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://security.gentoo.org/glsa/201709-02","reference_id":"GLSA-201709-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-02"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-9040"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j2wc-yxrx-4kh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50178?format=json","vulnerability_id":"VCID-kzqn-frns-jyab","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6966.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6966.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6966","reference_id":"","reference_type":"","scores":[{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51154","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51251","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51243","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51287","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51265","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51207","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51232","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51191","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00278","scoring_system":"epss","scoring_elements":"0.51246","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6966"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6966","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6966"},{"reference_url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21139","reference_id":"","reference_type":"","scores":[],"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435646","reference_id":"1435646","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435646"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858263","reference_id":"858263","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858263"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6966","reference_id":"CVE-2017-6966","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6966"},{"reference_url":"https://security.gentoo.org/glsa/201709-02","reference_id":"GLSA-201709-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-02"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-6966"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kzqn-frns-jyab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60870?format=json","vulnerability_id":"VCID-mgmr-bkuv-sbba","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7210.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7210.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7210","reference_id":"","reference_type":"","scores":[{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.5447","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54556","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54583","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54595","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54545","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54569","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54537","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00314","scoring_system":"epss","scoring_elements":"0.54589","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-7210"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7210","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7210"},{"reference_url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21157","reference_id":"","reference_type":"","scores":[],"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21157"},{"reference_url":"http://www.securityfocus.com/bid/96992","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96992"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435634","reference_id":"1435634","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435634"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858324","reference_id":"858324","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858324"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7210","reference_id":"CVE-2017-7210","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-7210"},{"reference_url":"https://security.gentoo.org/glsa/201801-01","reference_id":"GLSA-201801-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201801-01"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-7210"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mgmr-bkuv-sbba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/84364?format=json","vulnerability_id":"VCID-n93p-dptt-r3hg","summary":"binutils: Shift exponent too large for type unsigned long in readelf.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9043.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9043.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9043","reference_id":"","reference_type":"","scores":[{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60219","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60295","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.6032","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60288","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60375","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60361","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60338","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60354","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00471","scoring_system":"epss","scoring_elements":"0.64622","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9043","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9043"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452175","reference_id":"1452175","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452175"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674","reference_id":"863674","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-9043"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n93p-dptt-r3hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50179?format=json","vulnerability_id":"VCID-qnnr-5t4r-xfdc","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6969.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6969.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6969","reference_id":"","reference_type":"","scores":[{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63754","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63834","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63868","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63881","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63867","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63816","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63842","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63799","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.6385","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6969"},{"reference_url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21156","reference_id":"","reference_type":"","scores":[],"url":"https://sourceware.org/bugzilla/show_bug.cgi?id=21156"},{"reference_url":"http://www.securityfocus.com/bid/97065","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97065"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435648","reference_id":"1435648","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1435648"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858256","reference_id":"858256","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858256"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:binutils:2.28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6969","reference_id":"CVE-2017-6969","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"},{"value":"9.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-6969"},{"reference_url":"https://security.gentoo.org/glsa/201709-02","reference_id":"GLSA-201709-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-02"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-6969"],"risk_score":4.1,"exploitability":"0.5","weighted_severity":"8.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qnnr-5t4r-xfdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50191?format=json","vulnerability_id":"VCID-qv6w-s2tv-eyfs","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9039.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9039.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9039","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57909","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58021","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58046","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58063","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58042","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57993","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58013","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57988","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58043","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9039"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9039","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9039"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452168","reference_id":"1452168","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452168"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674","reference_id":"863674","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://security.gentoo.org/glsa/201709-02","reference_id":"GLSA-201709-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-02"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-9039"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qv6w-s2tv-eyfs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50194?format=json","vulnerability_id":"VCID-z7m5-hqbr-abc2","summary":"Multiple vulnerabilities have been found in Binutils, the worst of\n    which may allow remote attackers to cause a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9042.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9042.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9042","reference_id":"","reference_type":"","scores":[{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60219","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60354","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60375","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60361","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60295","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.6032","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60288","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60338","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9042"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9042","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9042"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"2.6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:N/I:N/A:P"},{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452173","reference_id":"1452173","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1452173"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674","reference_id":"863674","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863674"},{"reference_url":"https://security.archlinux.org/AVG-276","reference_id":"AVG-276","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-276"},{"reference_url":"https://security.gentoo.org/glsa/201709-02","reference_id":"GLSA-201709-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-02"},{"reference_url":"https://usn.ubuntu.com/4336-2/","reference_id":"USN-4336-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4336-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/373006?format=json","purl":"pkg:alpm/archlinux/binutils@2.29.0-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}],"aliases":["CVE-2017-9042"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z7m5-hqbr-abc2"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/binutils@2.29.0-1"}